JAdmin-JAVA JAdmin Admin Backend NoNeedLoginController.java toLogin improper authentication

A vulnerability, which was classified as critical, was found in JAdmin-JAVA JAdmin 1.0. Affected is the function toLogin of the file NoNeedLoginController.java of the component Admin Backend. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

认证机制不恰当

JAdmin 授权问题漏洞

JAdmin是JAdmin-JAVA开源的一个基于Java语言的快速开发平台。 JAdmin 1.0版本存在授权问题漏洞，该漏洞源于Admin Backend组件中文件NoNeedLoginController.java的toLogin函数存在身份验证不当。

N/A

N/A