Mrzbb

**Name of the Vulnerable Software and Affected Versions** MeterSphere versions prior to 2.10.10-lts **Description** MeterSphere is a one-stop open source continuous testing platform. The issue allows authenticated attackers to update resources that do not belong to them if the resource ID is known. **Recommendations** For versions prior to 2.10.10-lts, update to version 2.10.10-lts to resolve the issue. As a temporary workaround, consider restricting access to resource update functionality to minimize the risk of exploitation.