CNNVD-202511-810 Information

CNNVD ID

CNNVD-202511-810

Related CVE

CVE-2025-63691

• CNNVD Published: 2025-11-07

Description (Chinese)

pig是pig-mesh开源的一个权限管理系统。 pig 3.8.2及之前版本存在安全漏洞，该漏洞源于系统管理模块中令牌管理功能的令牌查询接口/api/admin/sys-token/page存在权限验证不当问题，可能导致信息泄露和权限提升。

Description (English)

Pig is a rights management system for pig-mesh open source. There is a security loophole in the pig 3.8.2 and previous versions, which stems from a token query interface/api/admin/sys-token/page in the token management function in the system management module, which has the potential to cause leaks of information and increase privileges.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

pig-mesh

Published

2025-11-07

Last Modified

2026-02-24

References

https://github.com/LockeTom/vulnerability/blob/main/md/pig_Information_disclosure_vulnerability.md https://github.com/pig-mesh/pig/issues/1202