4 matches found
CVE-2026-30225
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, an authentication context confusion vulnerability in RestartAction allows a low‑privileged authenticated user to execute actions they are not permitted to run. RestartAction constructs a new...
CVE-2026-30225
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, an authentication context confusion vulnerability in RestartAction allows a low‑privileged authenticated user to execute actions they are not permitted to run. RestartAction constructs a new...
OliveTin 安全漏洞
OliveTin is an open-source web application developed by OliveTin. Versions of OliveTin prior to 3.00.11.1 contained security vulnerabilities. These vulnerabilities were caused by authentication context confusion in the RestartAction, which could allow low-privilege verified users to perform...
GHSA-P443-P7W5-2F7F OliveTin's RestartAction always runs actions as guest
Summary An authentication context confusion vulnerability in RestartAction allows a low‑privileged authenticated user to execute actions they are not permitted to run. RestartAction constructs a new internal connect.Request without preserving the original caller’s authentication headers or cookie...