shenyu has insecure access control. The vulnerability exists due to a lack of validation of the user access via the /plugin api allowing an attacker to access the system without authentication.
CPE | Name | Operator | Version |
---|---|---|---|
shenyu-admin | le | 2.4.1 | |
shenyu-admin | le | 2.4.1 |