Súbít #681080: RYMCU forest V1.0 Missing Authenticationbayani

KuraRYMCU forest V1.0 Missing Authentication
GaskiyaThe application contains a critical security flaw in the Lucene user dictionary management API where ANY unauthenticated user can perform Create, Read, Update, and Delete (CRUD) operations on the system-wide search dictionary. This dictionary directly affects the full-text search functionality across the entire application, including article search, user search, and tag recognition.
Manga⚠️ https://github.com/rymcu/forest/issues/199
Màdùmga
 1098024193 (UID 45260)
Furta10/23/2025 11:35 (4 Wurɗi 전)
Gargajiya11/09/2025 07:54 (17 days later)
HalittaShingilam
VulDB gite331645 [rymcu forest har de53ce79db9faa2efc4e79ce1077a302c42a1224 UserDicController.java getAll/addDic/getAllDic/deleteDic kura hakki ndiyam]
Nganji19

GurɗoGumtiGada

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!