Lucene search
+L

5 matches found

circl
circl
added 2025/04/07 5:12 p.m.9 views

CVE-2025-28407

creationtimestamp| type| source ---|---|--- 2025-04-07 17:12:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmahf5noat2q 2025-04-07 18:44:54+00:00| seen| https://t.me/cvedetector/22328 2025-04-08 19:47:30+00:00| published-proof-of-concept|...

8.8CVSS5.8AI score0.00543EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2025/04/07 12:0 a.m.10 views

CVE-2025-28407

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the edit method of the /edit/dictId endpoint does not properly validate whether the requesting user has permission to modify the specified dictId...

7.3AI score0.00543EPSS
Exploits1References2
cvelist
cvelist
added 2025/04/07 12:0 a.m.19 views

CVE-2025-28407

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the edit method of the /edit/dictId endpoint does not properly validate whether the requesting user has permission to modify the specified dictId...

0.00543EPSS
Exploits1References2
cve
cve
added 2025/04/07 12:0 a.m.56 views

CVE-2025-28407

CVE-2025-28407 affects RUoYi v4.8.0. A remote attacker can escalate privileges through the /edit/{dictId} endpoint due to insufficient permission validation on dictId modification. The CVE indicates high impact (CVSS 3.1: 8.8, Network/Low complexity, Privileges Required: Low, User Interaction: No...

8.8CVSS7.3AI score0.00543EPSS
Exploits1References2Affected Software1
osv
osv
added 2025/04/07 12:0 a.m.10 views

CVE-2025-28407

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the edit method of the /edit/dictId endpoint does not properly validate whether the requesting user has permission to modify the specified dictId...

8.8CVSS7AI score0.00543EPSS
Exploits1References4
Rows per page
Query Builder