Affected version

V1.1.2

1、 Black box test
Logical vulnerability in system settings - role management - authorization location
Cancel user management role management in system settings - role management - authorization location

User management - add - add user test

Log in to the test user, who has no user management and role management permissions

Access the admin user api, find that the user can be added, judge that the authorization location is invalid, and add the user successfully

Finally, log in to the admin user again and find that the unauthorized user creation is successful.

2、 Code analysis
Cancel user management role management in system settings - role management - authorization location

It is found that delete is executed according to roleId

Trace the database. It is found that the database is empty and there is a logical vulnerability in the location

Execute the sql statement and find the prompt Duplicate entry '104' for key 'PRIMARY'. Therefore, the location is invalid and there is a logical vulnerability