提交 #812258: eladmin 2.7 Improper Access Controls信息

标题eladmin 2.7 Improper Access Controls
描述The PUT /api/roles endpoint in eladmin v2.7 contains a critical authorization bypass vulnerability where attackers caneither demote high-privileged admin roles or escalate data access permissions by exploiting insufficient validationin the getLevels() method, which only checks if the submitted level value is greater than or equal to the user'scurrent level without verifying the target role's original permissions, allowing lower-privileged users (e.g.,level=3) to modify higher-privileged roles (e.g., level=1) by submitting a request with a level matching their own,while completely omitting the level field bypasses all checks and lets attackers arbitrarily modify the dataScopefield to "全部" (all data access) or other values, effectively enabling privilege escalation, unauthorized roledemotion, and global data access through direct manipulation of these unprotected parameters.
来源⚠️ https://github.com/elunez/eladmin/issues/898
用户
 AliceS614 (UID 94277)
提交2026-04-24 16時24分 (3 月前)
管理2026-05-23 08時31分 (29 days later)
状态重复
VulDB条目361917 [eladmin 直到 2.7 Users API Endpoint UserController.java checkLevel 权限提升]
积分0

Might our Artificial Intelligence support you?

Check our Alexa App!