5 matches found
CVE-2025-66735
youlai-boot V2.21.1 is vulnerable to Incorrect Access Control. The getRoleForm function in SysRoleController.java does not perform permission checks, which may allow non-root users to directly access root roles...
CVE-2025-66735
youlai-boot V2.21.1 is vulnerable to Incorrect Access Control. The getRoleForm function in SysRoleController.java does not perform permission checks, which may allow non-root users to directly access root roles...
CVE-2025-66735
youlai-boot V2.21.1 is vulnerable to Incorrect Access Control. The getRoleForm function in SysRoleController.java does not perform permission checks, which may allow non-root users to directly access root roles...
CVE-2025-66735
youlai-boot V2.21.1 is vulnerable to Incorrect Access Control. The getRoleForm function in SysRoleController.java does not perform permission checks, which may allow non-root users to directly access root roles...
CVE-2025-66735
CVE-2025-66735 affects youlai-boot v2.21.1, with an Incorrect Access Control in SysRoleController.getRoleForm. The cited sources (NVD/RedHat/EUVD/CVE listing) state the function does not perform permission checks, potentially allowing non-root users to access root roles. Impact is described as hi...