Vulnerability Details CVE-2023-43961
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.1%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2023-43961
-
cpe:2.3:a:dromara:sa-token:-
-
cpe:2.3:a:dromara:sa-token:1.10.0
-
cpe:2.3:a:dromara:sa-token:1.11.0
-
cpe:2.3:a:dromara:sa-token:1.12.0
-
cpe:2.3:a:dromara:sa-token:1.13.0
-
cpe:2.3:a:dromara:sa-token:1.14.0
-
cpe:2.3:a:dromara:sa-token:1.16.0
-
cpe:2.3:a:dromara:sa-token:1.17.0
-
cpe:2.3:a:dromara:sa-token:1.20.0
-
cpe:2.3:a:dromara:sa-token:1.21.0
-
cpe:2.3:a:dromara:sa-token:1.22.0
-
cpe:2.3:a:dromara:sa-token:1.23.0
-
cpe:2.3:a:dromara:sa-token:1.24.0
-
cpe:2.3:a:dromara:sa-token:1.25.0
-
cpe:2.3:a:dromara:sa-token:1.26.0
-
cpe:2.3:a:dromara:sa-token:1.27.0
-
cpe:2.3:a:dromara:sa-token:1.28.0
-
cpe:2.3:a:dromara:sa-token:1.29.0
-
cpe:2.3:a:dromara:sa-token:1.30.0
-
cpe:2.3:a:dromara:sa-token:1.31.0
-
cpe:2.3:a:dromara:sa-token:1.32.0
-
cpe:2.3:a:dromara:sa-token:1.33.0
-
cpe:2.3:a:dromara:sa-token:1.34.0
-
cpe:2.3:a:dromara:sa-token:1.35.0
-
cpe:2.3:a:dromara:sa-token:1.4.0
-
cpe:2.3:a:dromara:sa-token:1.5.1
-
cpe:2.3:a:dromara:sa-token:1.6.0
-
cpe:2.3:a:dromara:sa-token:1.7.0
-
cpe:2.3:a:dromara:sa-token:1.8.0
-
cpe:2.3:a:dromara:sa-token:1.9.0