The place where the problem is found is: downloadTemplate interface;
The repaired place is: ExportExcel interface 。
This vulnerability is to repair the export interface and perform verification, but the download interface is not repaired, so the vulnerability still exists in the download interface and can be directly exploited.
修改建议
No response
The text was updated successfully, but these errors were encountered:
gin-vue-admin 版本
v2.5.4b
Node 版本
v19.2.0
Golang 版本
go1.19.3 darwin/arm64
是否依旧存在
可以
bug描述
I've already send an email to security mail but there is no response, so I report a bug!
I found a security vulnerability like GHSA-32gq-gj42-mw43 .
I found the bug is closed : #1002 。
But there are following problems here:

This vulnerability is to repair the export interface and perform verification, but the download interface is not repaired, so the vulnerability still exists in the download interface and can be directly exploited.
修改建议
No response
The text was updated successfully, but these errors were encountered: