exploitDog

GHSA-fwg4-qwcv-hw45

Опубликовано: 23 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

Incorrect access control in the update function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily modify data outside of their scope.

Incorrect access control in the update function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily modify data outside of their scope.

Ссылки

EPSS

Процентиль: 1%

0.00011

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2025-70985

CVSS3: 9.1

nvd

15 дней назад

Incorrect access control in the update function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily modify data outside of their scope.

EPSS

Процентиль: 1%

0.00011

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-284