Open
Description
UserController for the Tenant Management module module of hippo4j. An unauthorized access vulnerability arises from the newly added tenant information
AddUser method to perform the current operation of user authentication, leads to any user can access hippo4j/v1 / cs/auth/users/add interface new super administrator privileges to ascend, further access to sensitive information.
Influence version
hippo4j 1.4.3 (Nov 06, 2022)
