Yaoqishan · Yaoqishan · CVE-2025-45615
**Name of the Vulnerable Software and Affected Versions**
yaoqishan version 0.0.1-SNAPSHOT
**Description**
The issue is related to incorrect access control in the "/admin/" API endpoint, which allows attackers to gain access to Admin rights via a crafted request.
**Recommendations**
For yaoqishan version 0.0.1-SNAPSHOT, consider restricting access to the "/admin/" API endpoint until a proper fix is applied.
As a temporary workaround, review and enforce strict access controls for the `/admin/` API endpoint to minimize the risk of exploitation.