10 matches found
CVE-2026-2819
A vulnerability was identified in Dromara RuoYi-Vue-Plus up to 5.5.3. This vulnerability affects the function SaServletFilter of the file /workflow/instance/deleteByInstanceIds of the component Workflow Module. The manipulation leads to missing authorization. The attack may be initiated remotely...
CVE-2026-2819
A vulnerability was identified in Dromara RuoYi-Vue-Plus up to 5.5.3. This vulnerability affects the function SaServletFilter of the file /workflow/instance/deleteByInstanceIds of the component Workflow Module. The manipulation leads to missing authorization. The attack may be initiated remotely...
CVE-2026-2819
The CVE concerns Dromara RuoYi-Vue-Plus (up to 5.5.3) with a flaw in the Workflow Module’s SaServletFilter handling the endpoint /workflow/instance/deleteByInstanceIds. The root cause is missing authorization, enabling a remote attacker to manipulate workflow instances. The description states the...
CVE-2025-6925
A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath...
CVE-2025-6925
A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath...
CVE-2025-6925 Dromara RuoYi-Vue-Plus Mail MailController.java path traversal
A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath...
CVE-2025-6925 Dromara RuoYi-Vue-Plus Mail MailController.java path traversal
A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath...
CVE-2025-6925 Dromara RuoYi-Vue-Plus Mail MailController.java path traversal
A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath...
CVE-2025-6925
The CVE-2025-6925 entry affects Dromara RuoYi-Vue-Plus 5.4.0. The Mail Handler’s MailController.java exposes a vulnerability via manipulation of the filePath argument, causing path traversal. The issue is exploitable remotely and has publicly disclosed proof-of-concept information; vendor respons...
PT-2025-27469 · Dromara · Dromara Ruoyi-Vue-Plus
Name of the Vulnerable Software and Affected Versions: Dromara RuoYi-Vue-Plus version 5.4.0 Description: A critical issue has been discovered, affecting an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The...