Dataease before 1.11.2 access control issue allows attackers to arbitrarily uninstall plugin

Main / Dataease before 1.11.2 access control issue allows attackers to arbitrarily uninstall plugin

Discription

An access control issue in the component /api/plugin/uninstall Dataease v1.11.1 allows attackers to arbitrarily uninstall the plugin, a right normally reserved for the administrator. Version 1.11.2 contains a patch for this issue.Read More

References

Back to Main

Subscribe for the latest news: