Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
StudioCMS REST getUsers Exposes Owner Account Records to Admin Tokens
Vulnerability Description
StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.4, the REST API `getUsers` endpoint in StudioCMS uses the attacker-controlled `rank` query parameter to decide whether owner accounts should be filtered from the result set. As a result, an admin token can request `rank=owner` and receive owner account records, including IDs, usernames, display names, and email addresses, even though the adjacent `getUser` endpoint correctly blocks admins from viewing owner users. This is an authorization inconsistency inside the same user-management surface. Version 0.4.4 fixes the issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
StudioCMS 安全漏洞
Vulnerability Description
StudioCMS是StudioCMS开源的一个内容管理系统。 StudioCMS 0.4.4之前版本存在安全漏洞,该漏洞源于REST API getUsers端点使用攻击者控制的rank查询参数,可能导致管理员令牌获取所有者账户记录,造成授权不一致。
CVSS Information
N/A
Vulnerability Type
N/A