CVE-2025-28406
CVE-2025-28406 affects RUoYi v4.8.0. A remote attacker can escalate privileges via the experimental-like parameter jobLogId in RUoYi, leading to full/total impact as indicated by CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8, CRITICAL). Connected sources note this is a privilege-...