CVE-2025-46175 | y_project RuoYi 4.8.0 SysUserController.java authRole access control

Inserito da Angelo Barbosa | Nov 26, 2025 | CVE

A vulnerability categorized as critical has been discovered in y_project RuoYi 4.8.0. The affected element is the function authRole of the file SysUserController.java. Such manipulation leads to improper access controls.

This vulnerability is traded as CVE-2025-46175. The attack may be launched remotely. There is no exploit available.

CVE-2025-46175 | y_project RuoYi 4.8.0 SysUserController.java authRole access control

Post correlati

CVE-2024-34511 | Gradio up to 4.12 Server _is_server_fn Privilege Escalation

CVE-2024-11088 | mra13 Simple Membership Plugin up to 4.5.5 on WordPress information disclosure

CVE-2024-3215 | Paid Memberships Pro Plugin up to 3.0.1 on WordPress cross-site request forgery

CVE-2024-29338 | Anchor CMS 0.12.7 2 cross-site request forgery