CNNVD-202511-2882 Information

CNNVD ID

CNNVD-202511-2882

Related CVE

CVE-2025-56396

• CNNVD Published: 2025-11-26

Description (Chinese)

Ruoyi是若依个人开发者的一个后台管理系统。 Ruoyi 4.8.1版本存在安全漏洞，该漏洞源于所属部门权限高于活动用户，可能导致权限提升。

Description (English)

Ruoyi is a back-office management system based on an individual developer. There is a security loophole in version 4.8.1 of Ruoyi, which stems from the fact that the authority has more authority than the active user, which may lead to an increase in privileges.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-11-26

Last Modified

2026-02-24

References

https://gist.github.com/Han-tj/22cfd18fa9f116bb886e8e56782f6865 https://gitee.com/y_project/RuoYi/issues/ICJ865 https://access.redhat.com/security/cve/cve-2025-56396