How severe is CVE-2025-28403?

CVE-2025-28403 has a CVSS v3 score of 7.2 (HIGH).

CVE-2025-28403

Name: ruoyi
Author: ruoyi

7.2HIGH

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method does not properly validate whether the requesting user has administrative privileges before allowing m

公開日: 4/7/2025更新日: 4/9/2025

説明

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method does not properly validate whether the requesting user has administrative privileges before allowing modifications to system configuration settings

AI分析AIによる分析

影響を受ける製品

ruoyiruoyi

4.8.0

参照

https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28403.md
ExploitThird Party Advisory
https://github.com/yangzongzhuan/RuoYi
Product
https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28403.md
ExploitThird Party Advisory