9 matches found
CVE-2025-70986
Incorrect access control in the selectDept function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily access sensitive department data...
CVE-2025-70986
Incorrect access control in the selectDept function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily access sensitive department data...
CVE-2025-70986
Incorrect access control in the selectDept function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily access sensitive department data...
CVE-2025-70986
Incorrect access control in the selectDept function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily access sensitive department data...
CVE-2025-70986
CVE-2025-70986 affects RuoYi v4.8.2, in the selectDept function where improper access control allows unauthorized users to arbitrarily read sensitive department data. The vulnerability is rated CVSS v3.1 base score 7.5 (HIGH), with NETWORK attack vector, LOW complexity, no privileges required, an...
CVE-2025-70986
Incorrect access control in the selectDept function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily access sensitive department data...
CVE-2025-70986
Incorrect access control in the selectDept function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily access sensitive department data...
Ruoyi security vulnerabilities
Ruoyi is a backend management system developed by Ruoyi’s individual developer. The Ruoyi v4.8.2 version has a security vulnerability, which stems from improper access control in the selectDept function. This vulnerability could allow unauthorized attackers to access sensitive departmental data a...
PT-2026-4524
Name of the Vulnerable Software and Affected Versions RuoYi version 4.8.2 Description A flaw exists in the access control mechanism of the selectDept function. This allows unauthorized access to sensitive department data. Recommendations Update to a newer version that contains a fix for this...