CVE-2024-57438 Information

Description

Insecure permissions in RuoYi v4.8.0 allows authenticated attackers to escalate privileges by assigning themselves higher level roles.

Reference

https://gitee.com/y_project/RuoYi https://github.com/peccc/restful_vul/blob/main/ruoyi_insecure_role_assignments/ruoyi_insecure_role_assignments.md https://github.com/yangzongzhuan/RuoYi https://ruoyi.vip/