Casdoor Security Vulnerabilities and Issues — Casdoor CVE List

Lucene search

CasbinCasdoor

3 matches found

CVE•added 2022/09/09 8:15 p.m.•324 views

CVE-2022-38638

Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource.

9.1CVSS9.3AI score0.00285EPSS

CVE•added 2022/01/29 11:15 p.m.•91 views

CVE-2022-24124

The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and value parameters, as demonstrated by api/get-organizations.

7.5CVSS7.5AI score0.63898EPSS

CVE•added 2022/12/07 2:15 a.m.•47 views

CVE-2022-44942

Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function.

8.1CVSS8.1AI score0.00412EPSS