Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Soar Cloud System Co., Ltd. HR Portal - Broken Access Control
Vulnerability Description
The HR Portal of Soar Cloud System fails to manage access control. While obtaining user ID, remote attackers can access sensitive data via a specific data packet, such as user’s login information, further causing the login function not to work.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Vulnerability Type
访问控制不恰当
Vulnerability Title
Soar Cloud System HR 安全漏洞
Vulnerability Description
Soar Cloud System HR是中国飞腾云端(Soar Cloud)公司的一个应用软件。提供了一个人力资源系统。 Soar Cloud System HR 存在安全漏洞,远程攻击者可利用该漏洞获取用户ID的同时,可以通过特定的数据包访问敏感数据。
CVSS Information
N/A
Vulnerability Type
N/A