Dromara: >> Sa-Token Security Vulnerabilities
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-10-25
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL.
CVSS Score
9.8
EPSS Score
0.02
Published
2023-10-25