6 matches found
CVE-2022-21660
Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the setUserInfo function. Users are advised to update as soon as possible. There are no known workarounds...
CVE-2022-21660
Gin-vue-admin, a Vue/Gin-based backstage management system, is vulnerable prior to version 2.4.7 due to missing authentication on the SetUserInfo endpoint, allowing a low-privilege user to modify higher-privilege accounts. The issue stems from not validating the target user ID in SetUserInfo, com...
CVE-2022-21660 Missing authorization in gin-vue-admin
Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the setUserInfo function. Users are advised to update as soon as possible. There are no known workarounds...
CVE-2022-21660 Missing authorization in gin-vue-admin
Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the setUserInfo function. Users are advised to update as soon as possible. There are no known workarounds...
CVE-2022-21660 Missing authorization in gin-vue-admin
Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the setUserInfo function. Users are advised to update as soon as possible. There are no known workarounds...
Exploit for Missing Authorization in Gin-Vue-Admin_Project Gin-Vue-Admin
Gin-Vue-admin Vertical Override Vulnerability and Code Analy...