CVE-2025-70985 | RuoYi 4.8.2 update access control

Inserito da Angelo Barbosa | Gen 23, 2026 | CVE

A vulnerability was found in RuoYi 4.8.2 and classified as critical. Impacted is the function update. Such manipulation leads to improper access controls.

This vulnerability is referenced as CVE-2025-70985. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-70985 | RuoYi 4.8.2 update access control

Post correlati

CVE-2025-5878 | ESAPI esapi-java-legacy up to 2.6.2.0 SQL Injection Defense Encoder.encodeForSQL special element

CVE-2024-39905 | Cog-Creators Red-DiscordBot up to 3.5.9 can_manage_channel authorization (GHSA-5jq8-q6rj-9gq4)

VDB-249634 | Microsoft Azure GitHub Action code injection

CVE-2023-51308 | PHPJabbers Car Park Booking System 3.0 cross site scripting