漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Feehi CMS REST API Endpoint articles missing authentication
Vulnerability Description
A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
Feehi CMS 授权问题漏洞
Vulnerability Description
feehi cms是feehi个人开发者的一款网站内容管理组件。 Feehi CMS 2.1.1版本及之前版本存在授权问题漏洞,该漏洞源于对文件/api/articles中未知代码的操作导致缺失身份验证,可能导致攻击者远程发起攻击。
CVSS Information
N/A
Vulnerability Type
N/A