Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/04/09 2:9 a.m.16 views

CVE-2025-28409

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the add method of the /add/parentId endpoint does not properly validate whether the requesting user has permission to add a menu item under the specified parentId...

8.8CVSS7.4AI score0.00543EPSS
Exploits2References1
Circl
Circl
added 2025/04/07 5:12 p.m.12 views

CVE-2025-28409

creationtimestamp| type| source ---|---|--- 2025-04-07 17:12:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmahf54e332g 2025-04-07 18:44:40+00:00| seen| https://t.me/cvedetector/22319 2025-08-09 17:25:38+00:00| seen| MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea 2025-09-10...

8.8CVSS4.8AI score0.00543EPSS
Exploits2References2
OSV
OSV
added 2025/04/07 12:0 a.m.14 views

CVE-2025-28409

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the add method of the /add/parentId endpoint does not properly validate whether the requesting user has permission to add a menu item under the specified parentId...

8.8CVSS9.5AI score0.00614EPSS
Exploits2References4
CVE
CVE
added 2025/04/07 12:0 a.m.69 views

CVE-2025-28409

The CVE-2025-28409 entry concerns RUoYi v4.8.0 where the add/{parentId} endpoint does not properly validate whether the requesting user has permission to add a menu item under the specified parentId, enabling privilege escalation. Affected software is RUoYi v4.8.0; the underlying issue is insuffi...

8.8CVSS7.4AI score0.00614EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder