Authorization Bypass

github.com/minio/minio is vulnerable to authorization bypass. PostPolicyHandler did not verify user policies and allows an attacker to bypass the readOnly policy by creating a temporary mc share upload URL...

MinIO 授权问题漏洞

MinIO is an open source object storage server from US-based MinIO. The product supports building infrastructures for machine learning, analytics and application data workloads. An authorization issue vulnerability previously existed in the MinIO RELEASE.2021-03-04T00-53-13Z version that allowed...