MineAdmin Swagger information disclosure

A security flaw has been discovered in MineAdmin 1.x/2.x. This affects an unknown function of the component Swagger. The manipulation results in information disclosure. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

信息暴露

MineAdmin 访问控制错误漏洞

MineAdmin是MineAdmin开源的一个权限管理系统。 MineAdmin 1.x版本和2.x版本存在访问控制错误漏洞，该漏洞源于对组件Swagger的操作不当，可能导致信息泄露。

N/A

N/A