CNNVD-202506-1848 Information

CNNVD ID

CNNVD-202506-1848

Related CVE

CVE-2025-6099

• CNNVD Published: 2025-06-16

Description (Chinese)

szluyu99 gin-vue-blog是Zhenyu个人开发者的一个Golang 全栈博客，支持 Docker Compose 一键部署。基于最新前后端技术栈 Vue3、TS、Unocs 、Redis 等。前端包含博文展示前台、博客后台管理系统。后端包含 JWT 鉴权、RBAC 权限控制等。 szluyu99 gin-vue-blog存在安全漏洞，该漏洞源于授权不当问题，可能导致未授权访问。

Description (English)

Szluyu99 g-vue-blog is a Golang all-round blog of Zhenyu’s personal developer, supporting Docker Company’s deployment. Based on state-of-the-art technology warehouse Vue3, TS, Unocs, Redis, etc. The front end consists of a Bovin display front desk, a blog backstage management system. Backend contains JWT rights, RBAC privileges control, etc. There is a security loophole in szluyu99 gin-vue-blog, which stems from inappropriate mandates and may lead to unauthorized visits.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-06-16

Last Modified

2026-02-24

References

https://github.com/szluyu99/gin-vue-blog/issues/28 https://vuldb.com/?id.312568 https://vuldb.com/?ctiid.312568 https://vuldb.com/?submit.589495 https://access.redhat.com/security/cve/cve-2025-6099