CVE-2025-70997
Published
CVSS v3
6.5
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS
Description
A vulnerability has been discovered in eladmin v2.7 and before. This vulnerability allows for an arbitrary user password reset under any user permission level.
eladmin jpa 版本:项目基于 Spring Boot 2.7.18、 Jpa、 Spring Security、Redis、Vue的前后端分离的后台管理系统,项目采用分模块开发方式, 权限控制采用 RBAC,支持数据字典与数据权限管理,支持一键生成前后端代码,支持动态路由
GitHubGitHub