Description

MRCMS 3.1.2 contains an access control vulnerability. The save() method in src/main/java/org/marker/mushroom/controller/UserController.java lacks proper authorization validation, enabling direct addition of super administrator accounts without authentication.

INFO

Published Date :

2026-04-07T00:00:00.000Z

Last Modified :

2026-04-07T17:08:09.932Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2026-31272 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-31272.

URL Resource
https://github.com/clockw1se0v0/Vul/blob/main/MRCMS/Unauthorized.md cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System