Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-42337

Disclosure Date: November 16, 2021 (last updated February 23, 2025)
The permission control of AIFU cashier management salary query function can be bypassed, thus after obtaining general user’s permission, the remote attacker can access account information except passwords by crafting URL parameters.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0