Vulnerabilities

CVE-2025-46175

by Fred · 26/11/2025

Ruoyi v4.8.0 is vulnerable to Incorrect Access Control. There is a missing checkUserDataScope permission check in the authRole method of SysUserController.java.

More information : https://gist.github.com/Han-tj/74d2ed84ede1909da55090fed410d288

Similar

Tags: Cybersecurity Alert