An issue in sanluan flipped-aurora gin-vue-admin 2.4.x allows an malicious user to escalate privileges via the Session Expiration component.