cvedb.io
CVE-2024-57436
HIGH · CVSS 7.2
EPSS exploitation probability: 0%
Published 2025-01-29T15:15:17.073 · Last modified 2026-06-17T08:13:35.053

Summary

RuoYi v4.8.0 was discovered to allow unauthorized attackers to view the admin's session ID in the system monitoring. This issue can allow attackers to impersonate Admin users by using a crafted cookie.

Affected products

ruoyi — ruoyi

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.