Filtered by vendor Dromara Subscriptions
Filtered by product Sa-token Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-44794 2 Dromara, Vmware 3 Sa-token, Spring Boot, Spring Framework 2024-11-21 9.8 Critical
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL.
CVE-2023-43961 1 Dromara 1 Sa-token 2024-11-21 8.8 High
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass.