CVE-2025-45608

Name of the Vulnerable Software and Affected Versions Xinguan version 0.0.1-SNAPSHOT

Description The issue is related to incorrect access control in the "/system/user/findUserList" API endpoint, which allows attackers to access sensitive information by sending a crafted payload.

Recommendations For Xinguan version 0.0.1-SNAPSHOT, consider restricting access to the "/system/user/findUserList" API endpoint until a patch is available. As a temporary workaround, avoid using this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.