CVE-2021-42337
CVE-2021-42337 concerns the AIFU cashier management salary query function. A bypass of permission control allows a remote attacker who has obtained general user permission to access account information (excluding passwords) by crafting URL parameters. The issue is described across multiple source...