Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Mandelo ssm_shiro_blog Backend updateRoles access control
Vulnerability Description
A vulnerability has been found in Mandelo ssm_shiro_blog 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file updateRoles of the component Backend. The manipulation leads to improper access controls. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250123.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
Mandelo ssm_shiro_blog 访问控制错误漏洞
Vulnerability Description
ssm_shiro_blog是mandelo个人开发者的一个博客系统。 Mandelo ssm_shiro_blog 1.0版本存在访问控制错误漏洞,该漏洞源于组件 Backend 中的 updateRoles 存在未知函数,导致不正确的访问控制。
CVSS Information
N/A
Vulnerability Type
N/A