Gửi #754431: warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controlsthông tin

tiêu đềwarehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
Mô tảSales and salesback endpoints do not enforce permissions. Attackers can forge sales or return records, delete legitimate records, and manipulate revenue/stock data, which impacts accounting accuracy and business reporting. These endpoints should enforce role-based access control, validate ownership/workflow state, and log all changes for auditability.
Nguồn⚠️ https://github.com/yeqifu/warehouse/issues/63
Người dùng
 AliceS614 (UID 94277)
Đệ trình09/02/2026 05:58 (cách đây 5 các tháng)
Kiểm duyệt20/02/2026 10:01 (11 days later)
Trạng tháiđược chấp nhận
Mục VulDB347088 [yeqifu warehouse đến aaf29962ba407d22d991781de28796ee7b4670e4 Sales Endpoint SalesController.java addSales/updateSales/deleteSales nâng cao đặc quyền]
điểm18

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!