3 matches found
CVE-2025-28403
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method does not properly validate whether the requesting user has administrative privileges before allowing modifications to system configuration settings...
CVE-2025-28403
creationtimestamp| type| source ---|---|--- 2025-04-07 17:12:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmahf4sdky2h 2025-04-07 18:44:53+00:00| seen| https://t.me/cvedetector/22326 2025-04-08 19:47:20+00:00| published-proof-of-concept|...
CVE-2025-28403
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method does not properly validate whether the requesting user has administrative privileges before allowing modifications to system configuration settings...