CVE-2024-57152

High CVSS: 7.5

Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class

Vendor

Winterchens

Product

My-site

CWE

CWE-284

Yayın Tarihi

2025-08-20 19:15:31

Güncelleme

2025-09-11 19:08:32

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-284 My-site HIGH Winterchens 2025

Referanslar

https://github.com/WinterChenS/my-site/issues/92

Benzer Kayıtlar

Critical

CVE-2024-53496

Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive compone…

High

CVE-2024-53495

Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive compon…

Critical

CVE-2025-50904

There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 (2025-06-11). An attacker can…

Medium

CVE-2025-8838

A vulnerability has been found in WinterChenS my-site up to 1f7525f15934d9d6a278de967f6ec9f1757738d8. This vulnerability…