My-site Security Vulnerabilities and Issues — My-site CVE List

Lucene search

WinterchensMy-site

5 matches found

CVE•added 2025/08/11 9:15 a.m.•9 views

CVE-2025-8838

A vulnerability has been found in WinterChenS my-site up to 1f7525f15934d9d6a278de967f6ec9f1757738d8. This vulnerability affects the function preHandle of the file /admin/ of the component Backend Interface. The manipulation of the argument uri leads to improper authentication. The attack can be in...

9.8CVSS7.3AI score0.00115EPSS

CVE•added 2025/08/22 6:15 p.m.•8 views

CVE-2024-53496

Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication.

9.8CVSS6.5AI score0.00075EPSS

CVE•added 2025/08/20 5:15 p.m.•8 views

CVE-2025-50904

There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 (2025-06-11). An attacker can exploit this vulnerability to access /admin/ API without any token.

9.8CVSS6.8AI score0.00066EPSS

CVE•added 2025/08/20 6:15 p.m.•7 views

CVE-2024-53495

Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication.

7.5CVSS7AI score0.00045EPSS

CVE•added 2025/08/20 7:15 p.m.•7 views

CVE-2024-57152

Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class

7.5CVSS6.7AI score0.00045EPSS