PT-2024-29457 · Unknown · Lin-Cms Springboot
Published: 2024-07-19 · Updated: 2024-08-22 · CVE-2024-41600
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
lin-CMS Springboot versions 0.2.1 and before
Description
The issue allows a remote attacker to obtain sensitive information via the login method in the UserController.java component.
Recommendations
For versions 0.2.1 and before, consider restricting access to the login method in the UserController.java component until a fix is available.
As a temporary workaround, review and secure the permissions configuration to prevent unauthorized access.
Weakness Enumeration
Improper Access Control
Related Identifiers
Affected Products
Lin-Cms Springboot