The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because controller\usercontroller.java maps a /skin/list request to the function skinList, and lacks an authorization check.
References
Link | Resource |
---|---|
https://github.com/xujeff/tianti/issues/29 | Exploit Third Party Advisory |
https://github.com/xujeff/tianti/issues/29 | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 03:57
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/xujeff/tianti/issues/29 - Exploit, Third Party Advisory |
Information
Published : 2018-11-08 08:29
Updated : 2024-11-21 03:57
NVD link : CVE-2018-19110
Mitre link : CVE-2018-19110
CVE.ORG link : CVE-2018-19110
JSON object : View
Products Affected
tianti_project
- tianti
CWE
CWE-862
Missing Authorization