5 matches found
CVE-2025-4819 y_project RuoYi Offline Logout batchForceLogout improper authorization
A vulnerability classified as problematic has been found in yproject RuoYi 4.8.0. Affected is an unknown function of the file /monitor/online/batchForceLogout of the component Offline Logout. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack...
CVE-2025-4819
CVE-2025-4819 affects y_project Ruoyi 4.8.0, targeting the /monitor/online/batchForceLogout path in the Offline Logout component. The issue arises from manipulation of the ids argument, leading to improper authorization and enabling a remote attack. The exploit is described as high complexity, bu...
CVE-2025-28401
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the menuId parameter...
PT-2025-15243 · Ruoyi · Ruoyi
Name of the Vulnerable Software and Affected Versions: RUoYi version 4.8.0 Description: An issue in RUoYi allows a remote attacker to escalate privileges via the jobId parameter. Recommendations: For RUoYi version 4.8.0, consider restricting access to the jobId parameter to minimize the risk of...
CVE-2025-28401
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the menuId parameter...