Unauthorized access

The unauthorized access vulnerability in the user information modification interface of the login page allows users to log in directly by deleting cookies without verification.

![Image](https://github.com/user-attachments/assets/7beb47c5-5ad6-4274-974d-cb47ecbd3151)

Delete Cookie：
![Image](https://github.com/user-attachments/assets/48e081b1-55bc-4a58-b720-fe80767d2fae)
Login successful
![Image](https://github.com/user-attachments/assets/7fb80d7b-b7c4-44b9-abad-1b5b2904c8dc)

The same is true for the user information modification interface

![Image](https://github.com/user-attachments/assets/0ffa5ac0-b67f-4da7-bc40-55f7899b6ccf)

![Image](https://github.com/user-attachments/assets/c36fff17-180e-4632-a2cc-59ab2d491292)
The modification was successful
![Image](https://github.com/user-attachments/assets/72cf1920-fbbf-499b-80bc-f2be38249ebe)



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Unauthorized access #76

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Unauthorized access #76

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions