RSS   Podatności dla
'Cashier accounting management system'
   RSS

2021-11-16
 
CVE-2021-42337

CWE-285
 

 
The permission control of AIFU cashier management salary query function can be bypassed, thus after obtaining general user�??s permission, the remote attacker can access account information except passwords by crafting URL parameters.

 


Copyright 2024, cxsecurity.com

 

Back to Top