CNNVD-202508-2964 Information

CNNVD ID

CNNVD-202508-2964

Related CVE

CVE-2024-46413

• CNNVD Published: 2025-08-25

Description (Chinese)

Rebuild是getrebuild开源的一个高度可定制化的企业管理系统。 Rebuild v3.7.7版本存在安全漏洞，该漏洞源于com.rebuild.web.admin.rbstore.RBStoreController#loadDataIndex方法中的type参数存在服务端请求伪造。

Description (English)

Rebuild is a highly customized enterprise management system for the open source of Getrebuild. The security loophole in Release Rebuild v3.7.7 stems from the forgery request for type parameters in the service-end method of RBStoreController#loadDataIndex.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

getrebuild

Published

2025-08-25

Last Modified

2026-02-24

References

https://github.com/RacerZ-fighting/rebuild-vulns/blob/main/rebuild%203.7.7.md https://github.com/RacerZ-fighting/CVE-vulns/blob/main/rebuild%203.7.7.md https://nvd.nist.gov/vuln/detail/CVE-2024-46413

Patch

https://github.com/getrebuild/rebuild/releases