提交 #754037: feiyuchuixue https://github.com/feiyuchuixue/sz-boot-parent sz-boot-parent <= v1.3.2-beta VPE信息

标题feiyuchuixue https://github.com/feiyuchuixue/sz-boot-parent sz-boot-parent <= v1.3.2-beta VPE
描述For the API `/api/admin/sys-user/reset/password/{userId}`, users with ordinary permissions can reset the passwords of other users—a function that should only be executable by administrators. The passwords will be reset to the default value **sz123456**.
来源⚠️ https://github.com/yuccun/CVE/blob/main/sz-boot-parent-VPE_Unauthorized_Password_Reset.md
用户
 yuccun (UID 93614)
提交2026-02-07 19時51分 (3 月前)
管理2026-02-25 09時32分 (18 days later)
状态已接受
VulDB条目347744 [feiyuchuixue sz-boot-parent 直到 1.3.2-beta Password Reset password userId 权限提升]
积分18

上一步一览下一步

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!