Vertical Authorization Vulnerability in feiqu-opensource IndexController.java

Vertical Authorization Vulnerability in feiqu-opensource IndexController.java

CVE-2023-27088 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

feiqu-opensource Background Vertical authorization vulnerability exists in IndexController.java. demo users with low permission can perform operations within the permission of the admin super administrator and can use this vulnerability to change the blacklist IP address in the system at will.

Learn more about our User Device Pen Test.