ГлавнаяУязвимости → CVE-2024-57154
9.8критическая

CVE-2024-57154

Описание

Incorrect access control in dts-shop v0.0.1-SNAPSHOT allows attackers to bypass authentication via sending a crafted payload to /admin/auth/index.

CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/qiguliuxing/dts-shop/issues/29