Описание
An issue in the delete function in the UserController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete the Administrator's role information.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:jeesite:jeesite:1.2.6:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00047
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 4.3
github
больше 2 лет назад
An issue in the delete function in the UserController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete the Administrator's role information.
EPSS
Процентиль: 14%
0.00047
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-862