CVE-2025-4819 | y_project RuoYi 4.8.0 Offline Logout batchForceLogout ids improper authorization

Inserito da Angelo Barbosa | Mag 16, 2025 | CVE

A vulnerability classified as problematic has been found in y_project RuoYi 4.8.0. Affected is an unknown function of the file /monitor/online/batchForceLogout of the component Offline Logout. The manipulation of the argument ids leads to improper authorization.

This vulnerability is traded as CVE-2025-4819. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-4819 | y_project RuoYi 4.8.0 Offline Logout batchForceLogout ids improper authorization

Post correlati

CVE-2024-13491 | enituretechnology Small Package Quotes Plugin up to 4.3.1 on WordPress edit_id/dropship_edit_id sql injection

CVE-2023-7298 | Autodesk FBX SDK 2020.3.4 FBX File out-of-bounds write

CVE-2024-22530 | Steinbeis Allegra getFileContentAsString path traversal

CVE-2024-57428 | PHPJabbers Cinema Booking System 2.0 event_img/seat_maps/number[new_X] cross site scripting