How severe is CVE-2025-28403?

CVE-2025-28403 has a CVSS v3 score of 7.2 (HIGH).

CVE-2025-28403

Name: ruoyi
Author: ruoyi

7.2HIGH

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method does not properly validate whether the requesting user has administrative privileges before allowing m

发布于: 4/7/2025更新于: 4/9/2025

描述

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method does not properly validate whether the requesting user has administrative privileges before allowing modifications to system configuration settings

AI分析AI驱动

受影响产品

ruoyiruoyi

4.8.0

参考资料

https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28403.md
ExploitThird Party Advisory
https://github.com/yangzongzhuan/RuoYi
Product
https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28403.md
ExploitThird Party Advisory