Описание
An issue was discovered in rymcu forest thru commit f782e85 (2025-09-04) in function doBefore in file src/main/java/com/rymcu/forest/core/service/security/AuthorshipAspect.java, allowing authorized attackers to delete arbitrary users posts.
Ссылки
- ExploitThird Party Advisory
- ExploitIssue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2025-09-04 (включая)
cpe:2.3:a:rymcu:forest:*:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.0005
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 6.5
github
3 месяца назад
An issue was discovered in rymcu forest thru commit f782e85 (2025-09-04) in function doBefore in file src/main/java/com/rymcu/forest/core/service/security/AuthorshipAspect.java, allowing authorized attackers to delete arbitrary users posts.
EPSS
Процентиль: 16%
0.0005
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-863