Critical Vulnerability Information

Vulnerability Description
There is an authentication bypass vulnerability that allows attackers to access the API without using any token.

Vulnerability Type
Incorrect Access Control

Product Vendor
https://github.com/zhishehg17/blog/

Affected Product Codebase
All versions (up to e0497553b76d44b9b176c121d3ef96bb6d678c04)

Attack Type
Unauthenticated

Vulnerability Details
1. The affected source code class is , and the affected method is . In the filter code, is used to retrieve the request path.
2. It then checks whether the starts with but does not start with . If this condition is not met, it executes to let the request pass through the interceptor. Otherwise, it blocks the current request and redirects to the login page.
3. The issue lies in using to obtain the request path. The path returned by this function is not decoded or normalized (special characters are not resolved) and is compared directly, allowing attackers to use to bypass the check.
4. For example, take the backend API endpoint . Using can bypass the , allowing deletion of any comment.

Vulnerability Reproduction
Accessing will directly redirect to the admin login page. However, accessing will bypass the authentication check and delete the specified comment. All comments can then be deleted by iterating through every parameter value.

References
https://github.com/zhishehg17/blog/issues/64
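The root cause described in the details above is a prefix check run on the raw, un-normalized request path. The following Python snippet is an added, framework-agnostic example written for this page; it is not code from the zhishehg17/blog project, and the route layout it uses (an assumed `/admin` prefix with an assumed `/admin/login` exception) and the request paths it checks are constructed for illustration. It places the weak check beside a hardened one that decodes and canonicalizes the path first and denies when the path cannot be canonicalized with confidence.

```python
import posixpath
from urllib.parse import unquote

# Assumed route layout for this example (not taken from the advisory).
ADMIN_PREFIX = "/admin"
LOGIN_PATH = "/admin/login"


def naive_requires_auth(raw_path: str) -> bool:
    """The pattern the advisory describes: prefix-match the request path
    exactly as received, with no decoding or normalization."""
    return raw_path.startswith(ADMIN_PREFIX) and not raw_path.startswith(LOGIN_PATH)


def canonicalize(raw_path: str):
    """Return the canonical form of a request path, or None when the path
    cannot be canonicalized with confidence (the caller should then deny)."""
    path = raw_path.split("?", 1)[0]      # the query string never affects routing
    path = unquote(path)                   # decode %xx escapes exactly once
    if "%" in path or "\\" in path or "\x00" in path:
        return None                        # double-encoding, backslashes or NUL bytes
    path = posixpath.normpath(path)        # collapse ".", ".." and repeated "/"
    return "/" + path.lstrip("/")          # normpath preserves a leading "//"; collapse it


def hardened_requires_auth(raw_path: str) -> bool:
    """Same policy as the naive check, but evaluated on the canonical path,
    with an exact match for the login exception and deny-by-default on
    anything that could not be canonicalized."""
    path = canonicalize(raw_path)
    if path is None:
        return True                        # unsure about the path: require auth
    if path == LOGIN_PATH:
        return False
    return path == ADMIN_PREFIX or path.startswith(ADMIN_PREFIX + "/")


# Constructed request paths used to compare the two checks.
CONSTRUCTED_REQUESTS = [
    "/admin/comment/delete?id=1",           # plain admin request
    "/admin/login",                         # the login page itself
    "/blog/post/1",                         # public page
    "/./admin/comment/delete?id=1",         # dot segment before the prefix
    "/blog/../admin/comment/delete?id=1",   # dot-dot segment resolving into /admin
    "/admin/login/../comment/delete",       # hides behind the login exception
    "//admin/comment/delete",               # doubled leading slash
    "/%61dmin/comment/delete",              # percent-encoded letter in the prefix
    "/%252e%252e/admin/comment/delete",     # double-encoded: cannot be trusted
]


def compare(paths=CONSTRUCTED_REQUESTS):
    """Map each path to (naive_requires_auth, hardened_requires_auth)."""
    return {p: (naive_requires_auth(p), hardened_requires_auth(p)) for p in paths}


if __name__ == "__main__":
    for path, (naive, hardened) in compare().items():
        print(f"{path:40s} naive={naive!s:5s} hardened={hardened}")
```

Every path after the first three reaches the protected handler under the naive check and is stopped by the hardened one; the double-encoded path is denied outright rather than guessed at. In a servlet-style application the same effect is obtained by matching against the container's decoded and normalized path rather than the raw URI, and the more robust design is to authorize on the route that is actually dispatched (or an explicit allowlist of public routes) instead of on a string prefix of the incoming path.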