CVE-2025-66735

Vulnerability Description

youlai-boot V2.21.1 is vulnerable to Incorrect Access Control. The getRoleForm function in SysRoleController.java does not perform permission checks, which may allow non-root users to directly access root roles.

Vulnerability Details

Published Date

December 22, 2025

Last Modified

January 06, 2026

Source

NVD

CVE-2025-66735

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment