From 758e7eca58e0a6f680698cbff3bed28233e47ed0 Mon Sep 17 00:00:00 2001
From: teresa
Date: Mon, 19 May 2025 23:48:31 +0800
Subject: [PATCH] Fix Critical Password Security Vulnerability in Password Update

This PR addresses a critical security vulnerability in the updatePwd method where new passwords were being stored in plaintext rather than being properly encrypted before storage.

References
https://github.com/cloudexplorer-dev/cloudexplorer-lite/commit/7d4dab60352079953b7be120afe9bd14983ae3bc
https://nvd.nist.gov/vuln/detail/CVE-2023-3423
---
 .../zyd/blog/business/service/impl/SysUserServiceImpl.java | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/blog-core/src/main/java/com/zyd/blog/business/service/impl/SysUserServiceImpl.java b/blog-core/src/main/java/com/zyd/blog/business/service/impl/SysUserServiceImpl.java
index 3e54a472..00e8ae87 100644
--- a/blog-core/src/main/java/com/zyd/blog/business/service/impl/SysUserServiceImpl.java
+++ b/blog-core/src/main/java/com/zyd/blog/business/service/impl/SysUserServiceImpl.java
@@ -204,7 +204,9 @@ public boolean updatePwd(UserPwd userPwd) throws Exception {
 if (!user.getPassword().equals(PasswordUtil.encrypt(userPwd.getPassword(), user.getUsername()))) {
 throw new ZhydException("原密码不正确!");
 }
- user.setPassword(userPwd.getNewPassword());
+
+ // Fix: Encrypt the new password before storing it
+ user.setPassword(PasswordUtil.encrypt(userPwd.getNewPassword(), user.getUsername()));
 return this.updateSelective(user);
 }
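Review bot: The new setPassword line hashes the new password with the same PasswordUtil.encrypt(…, username) call the old-password check two lines above uses, so storage and verification now agree, but nothing on the new side rejects a null or empty userPwd.getNewPassword() before it is hashed and persisted; unless a validator earlier in updatePwd already does this (not visible here), a guard such as `if (userPwd.getNewPassword() == null || userPwd.getNewPassword().isEmpty()) { throw new ZhydException("<message: new password required>"); }` placed before the setPassword call would close that gap. The added `// Fix: Encrypt the new password before storing it` comment describes the patch rather than the code and will read as stale later; reword it to the invariant, e.g. `// Persist only the hash, using the same scheme the old-password check above verifies against`. The added blank line before that comment looks accidental. updatePwd's signature appears only in the hunk header, so the method starts outside this hunk.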