Key Information

Vulnerability Type: Vertical Privilege Escalation, achieved through path manipulation.
Affected Versions:
Latest commit:
Branch:

Issue Description

A vertical privilege escalation vulnerability exists in the latest version of tduck-platform. Regular users can bypass authorization checks and access management APIs (located under the path), which should only be accessible to administrators.

Source Code Analysis

The vulnerability originates in the method. This interceptor blocks unauthorized access to management APIs by checking whether the request URI contains sensitive paths (such as or ).

Code snippet:

However, the check is performed directly on without path normalization or sanitization. As a result, carefully crafted paths (e.g., ) can completely bypass the check, since the substring does not match literally.

Reproduction Steps

1. Log in to the application as a regular (non-admin) user.
2. Directly access a management API (e.g., ). This triggers an authorization failure and returns the error message "No admin privileges".
3. Access the same API using a half-width encoded path (e.g., ). This bypasses the authorization check and allows regular users to access sensitive resources reserved for administrators.

Example Requests and Responses

Normal Request:

Response:

Bypass Request:

Response:
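The following is an added illustration, not tduck-platform's own code (its interceptor method and path constants are elided above): a literal substring check on the raw URI, beside a check that first canonicalizes the path (percent-decoding, NFKC folding of full-width characters, stripping of `;` path parameters, and `..` resolution) and then prefix-matches it. The admin prefixes and sample URIs are constructed placeholders.

```python
import posixpath
import re
import unicodedata
from urllib.parse import unquote

# Constructed placeholder prefixes; the advisory's real sensitive paths are not shown on the page.
ADMIN_PREFIXES = ("/manage/", "/admin/")


def vulnerable_is_admin_path(raw_uri: str) -> bool:
    """Mirror the flawed pattern: a literal substring test on the raw, undecoded URI."""
    return any(prefix.rstrip("/") in raw_uri for prefix in ADMIN_PREFIXES)


def canonicalize(raw_uri: str) -> str:
    """Reduce a request URI to the path the router will actually dispatch on."""
    path = raw_uri.split("?", 1)[0]              # the query string is not routed
    for _ in range(3):                           # decode until stable: handles double encoding
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    path = unicodedata.normalize("NFKC", path)   # full-width letters fold to their ASCII forms
    path = "/".join(seg.split(";", 1)[0] for seg in path.split("/"))  # drop ";param" per segment
    if not path.startswith("/"):
        path = "/" + path
    path = posixpath.normpath(path)              # resolve "." and "..", squash repeated "/"
    return re.sub(r"^/+", "/", path)             # normpath keeps a leading "//"; collapse it


def hardened_is_admin_path(raw_uri: str) -> bool:
    """Prefix match on the canonical path, so the authorization decision and the
    routing decision are made on the same string."""
    path = canonicalize(raw_uri)
    return any(path == p.rstrip("/") or path.startswith(p) for p in ADMIN_PREFIXES)


if __name__ == "__main__":
    # Constructed sample URIs: a plain admin path, a percent-encoded variant, a public path.
    for uri in ("/manage/user", "/%6danage/user", "/public/form"):
        print(f"{uri:16} substring={vulnerable_is_admin_path(uri)!s:5} "
              f"canonical={hardened_is_admin_path(uri)}")
```

The substring check answers False for the encoded variant even though it dispatches to the same handler as the plain path; the canonical check answers True for both, which is what an interceptor needs in order to fail closed.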