2 matches found
CVE-2025-10988 YunaiV ruoyi-vue-pro transfer improper authorization
A vulnerability was identified in YunaiV ruoyi-vue-pro up to 2025.09. This affects an unknown part of the file /crm/business/transfer. Such manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor w...
yudao-cloud 安全漏洞
yudao-cloud is a backend management system for YunaiV individual developers. A security vulnerability exists in yudao-cloud version 2025.09 and earlier, which stems from incorrect manipulation of the parameter ids/newOwnerUserId in the file /crm/business/transfer, which could lead to improper...