An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass.
8.8CVSS
8.7AI Score
0.001EPSS
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL.
9.8CVSS
9.2AI Score
0.002EPSS