Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/06 1:11 a.m.16 views

CVE-2022-21660

Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the setUserInfo function. Users are advised to update as soon as possible. There are no known workarounds...

8.1CVSS6.7AI score0.01097EPSS
Exploits2References1
CVE
CVE
added 2022/02/09 7:55 p.m.96 views

CVE-2022-21660

Gin-vue-admin, a Vue/Gin-based backstage management system, is vulnerable prior to version 2.4.7 due to missing authentication on the SetUserInfo endpoint, allowing a low-privilege user to modify higher-privilege accounts. The issue stems from not validating the target user ID in SetUserInfo, com...

8.1CVSS8.1AI score0.01097EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/09 7:55 p.m.9 views

CVE-2022-21660 Missing authorization in gin-vue-admin

Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the setUserInfo function. Users are advised to update as soon as possible. There are no known workarounds...

8.1CVSS8.1AI score0.01097EPSS
Exploits2References1
OSV
OSV
added 2022/02/09 7:55 p.m.24 views

CVE-2022-21660 Missing authorization in gin-vue-admin

Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the setUserInfo function. Users are advised to update as soon as possible. There are no known workarounds...

8.1CVSS8AI score0.01097EPSS
Exploits2References3
Cvelist
Cvelist
added 2022/02/09 7:55 p.m.39 views

CVE-2022-21660 Missing authorization in gin-vue-admin

Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the setUserInfo function. Users are advised to update as soon as possible. There are no known workarounds...

8.1CVSS8.3AI score0.01097EPSS
Exploits2References1
GithubExploit
GithubExploit
added 2022/01/10 5:50 a.m.564 views

Exploit for Missing Authorization in Gin-Vue-Admin_Project Gin-Vue-Admin

Gin-Vue-admin Vertical Override Vulnerability and Code Analy...

8.1CVSS7.1AI score0.01097EPSS
Exploits2
Rows per page
Query Builder