API Security Blog

Privilege Escalation

jeecg-boot-base-core is vulnerable to privilege escalation. The library lacks permission checks, which allows an attacker to gain escalated privileges, view sensitive information such as email and phone, and enumerate usernames via the API URI `/sys/user/querySysUser?username=admin`.
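To check whether this endpoint has been probed, the sketch below scans web access logs for clients that query several distinct usernames through `/sys/user/querySysUser`. It is an added example, not code from jeecg-boot or from the advisory; the combined access-log format, the `/app` context path, the threshold of three usernames and all sample log lines are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

ENDPOINT = "/sys/user/querySysUser"  # URI named in the advisory
# Assumed log format: common/combined access log (client, request line, status).
LINE_RE = re.compile(r'^(?P<client>\S+) \S+ \S+ \[[^\]]*\] '
                     r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')

# Constructed sample lines (documentation IP ranges, made-up usernames and paths).
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /app/sys/user/querySysUser?username=admin HTTP/1.1" 200 312
198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET /app/sys/user/querySysUser?username=alice HTTP/1.1" 200 298
198.51.100.7 - - [01/Jan/2024:10:00:03 +0000] "GET /app/sys/user/querySysUser?username=bob HTTP/1.1" 200 301
203.0.113.20 - - [01/Jan/2024:10:05:00 +0000] "GET /app/sys/user/querySysUser?username=admin HTTP/1.1" 200 312
198.51.100.7 - - [01/Jan/2024:10:06:00 +0000] "GET /app/sys/user/list HTTP/1.1" 200 1024
192.0.2.5 - - [01/Jan/2024:11:00:01 +0000] "GET /app/sys/user/querySysUser?username=admin HTTP/1.1" 401 90
192.0.2.5 - - [01/Jan/2024:11:00:02 +0000] "GET /app/sys/user/querySysUser?username=carol HTTP/1.1" 401 90
192.0.2.5 - - [01/Jan/2024:11:00:03 +0000] "GET /app/sys/user/querySysUser?username=dave HTTP/1.1" 401 90
"""

def querysysuser_hits(lines):
    """Yield (client, username, status) for each request to the endpoint."""
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not an access-log line in the assumed format
        url = urlsplit(m["target"])
        # endswith() tolerates any context-path prefix in front of the URI.
        if not url.path.rstrip("/").endswith(ENDPOINT):
            continue
        names = parse_qs(url.query).get("username", [""])
        yield m["client"], names[0], int(m["status"])

def enumeration_suspects(lines, min_distinct=3):
    """Return {client: sorted usernames} for clients that got answers for many usernames."""
    seen = defaultdict(set)
    for client, username, status in querysysuser_hits(lines):
        if status < 400:  # rejected requests (e.g. 401/403) disclosed nothing
            seen[client].add(username)
    return {c: sorted(u) for c, u in seen.items() if len(u) >= min_distinct}

if __name__ == "__main__":
    for client, users in enumeration_suspects(SAMPLE_LOG.splitlines()).items():
        print(f"{client}: {len(users)} usernames queried -> {users}")
```

Successful responses are what matter here: a client that receives 401 or 403 for every lookup is hitting an endpoint that already enforces a permission check.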
