Vulnerabilities

CVE-2025-66735

by Fred · 22/12/2025

youlai-boot V2.21.1 is vulnerable to Incorrect Access Control. The getRoleForm function in SysRoleController.java does not perform permission checks, which may allow non-root users to directly access root roles.

More information : https://gist.github.com/old6ma/dc9e6e4a693d12c1a35fd4e1d21d4743

Similar

Tags: Cybersecurity Alert