exploitDog

CVE-2025-56396

Опубликовано: 26 нояб. 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

An issue was discovered in Ruoyi 4.8.1 allowing attackers to gain escalated privileges due to the owning department having higher rights than the active user.

Ссылки

https://gist.github.com/Han-tj/22cfd18fa9f116bb886e8e56782f6865
Third Party Advisory
https://gitee.com/y_project/RuoYi/issues/ICJ865
Exploit
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ruoyi:ruoyi:4.8.1:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00057

Низкий

8.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-284

Связанные уязвимости

GHSA-xhr6-7rpm-rmv3

CVSS3: 8.8

github

2 месяца назад

An issue was discovered in Ruoyi 4.8.1 allowing attackers to gain escalated privileges due to the owning department having higher rights than the active user.

EPSS

Процентиль: 18%

0.00057

Низкий

8.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-284