CVE-2022-32430

描述

An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application.

受影響套件(1)

• Maven/io.github.talelin:lin-cms-corefrom 0, <= 0.2.1

CVSS 分數

參考連結(4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-32430
• PATCHhttps://github.com/TaleLin/lin-cms-spring-boot
• WEBhttps://github.com/TaleLin/lin-cms-spring-boot/blob/3fc25bd8c10c73db2e7230809b322127eac554e3/src/main/resources/application.yml#L43
• WEBhttps://web.archive.org/web/20220721190946/https://www.mesec.cn/archives/277