keycloak: Unguarded admin REST API endpoints allows low privilege users to use administrative functionalities

A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege users to access administrative functionalities. This flaw allows users to perform actions reserved for administrators, potentially leading to data breaches or system compromise...

ZOHO ManageEngine ServiceDesk Plus 访问控制错误漏洞

ZOHO ManageEngine ServiceDesk Plus SDP is a set of ITIL-based IT service management software from ZOHO. The software integrates incident management, issue management, asset management IT project management, procurement and contract management, etc. An authorization issue vulnerability exists in...