Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Dromara lamp-cloud DefUserController pageUser improper authorization
Vulnerability Description
A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
授权机制不恰当
Vulnerability Title
Dromara Lamp-Cloud 授权问题漏洞
Vulnerability Description
Dromara Lamp-Cloud是dromara开源的基于Jdk11 + SpringCloud + SpringBoot 开发的微服务中后台快速开发平台。 Dromara Lamp-Cloud 5.8.1及之前版本存在授权问题漏洞,该漏洞源于函数pageUser存在授权不当。
CVSS Information
N/A
Vulnerability Type
N/A