提交 #754430: warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls信息

标题warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
描述Inport and outport endpoints do not enforce permissions. Attackers can forge inventory movements, adjust quantities, or delete records, leading to stock inaccuracies, financial discrepancies, and possible abuse of procurement/return workflows. This can lead to inaccurate stock levels, financial discrepancies, and abuse of procurement/return workflows.
来源⚠️ https://github.com/yeqifu/warehouse/issues/62
用户
 AliceS614 (UID 94277)
提交2026-02-09 05時55分 (5 月前)
管理2026-02-20 10時01分 (11 days later)
状态已接受
VulDB条目347087 [yeqifu warehouse 直到 aaf29962ba407d22d991781de28796ee7b4670e4 Inport Endpoint InportController.java addInport/updateInport/deleteInport 权限提升]
积分18

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!