Description
Apache ShenYu Admin has insecure permissions, which may allow low-privilege administrators to modify high-privilege administrator's passwords. This issue affects Apache ShenYu 2.4.2 and 2.4.3.
Remediation
References
https://lists.apache.org/thread/ndblyxr2fdrvjtgbs1bogxgv2cgk7t28
Related Vulnerabilities
CVE-2023-37259 Vulnerability in npm package matrix-react-sdk
CVE-2022-34115 Vulnerability in maven package io.dataease:dataease-plugin-common
CVE-2023-34238 Vulnerability in npm package gatsby
CVE-2023-25500 Vulnerability in maven package com.vaadin:flow-server
CVE-2023-42276 Vulnerability in maven package cn.hutool:hutool-core