Incorrect Privilege Assignment

CVE-2025-10819

Low

2.1/10

Summary

A security vulnerability has been detected in fuyang_lipengjun platform 1.0. This issue affects the function UserCouponController of the file /usercoupon/queryAll. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-266 - Incorrect Privilege Assignment

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

References

Advisory Timeline

Published Sep 22, 2025

Incorrect Privilege Assignment

CVE-2025-10819

Summary

CWE-266 - Incorrect Privilege Assignment

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS