2 matches found
CVE-2025-10384
creationtimestamp| type| source ---|---|--- 2025-09-13 22:56:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyqurni4mh2m...
CVE-2025-10384 yangzongzhuan RuoYi Role cancelAll improper authorization
A flaw has been found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is an unknown functionality of the file /system/role/authUser/cancelAll of the component Role Handler. Executing manipulation of the argument roleId/userIds can lead to improper authorization. The attack may ...