Enviar #461120: ClassCMS V4.8 Improper Handling of Insufficient Permissions or Privilegesinformación

TítuloClassCMS V4.8 Improper Handling of Insufficient Permissions or Privileges
DescripciónA privilege escalation vulnerability exists in the model management module of Classcms. This allows accounts belonging to non-admin user groups to modify admin group users and change their group memberships to other user groups. If all users in the admin group are changed to other groups, the system will no longer have the ability to configure accounts for the admin group.
Fuente⚠️ https://github.com/Jack-Black-13/blob/blob/main/ClassCMS%20V4.8%20Vertical%20Privilege%20Escalation.md
Usuario
 vulbox (UID 78949)
Sumisión2024-12-11 15:30 (hace 2 años)
Moderación2024-12-16 09:53 (5 days later)
EstadoAceptado
Entrada de VulDB288535 [ClassCMS hasta 4.8 User Management Page admin?do=admin:user:editPost escalada de privilegios]
Puntos18

Want to know what is going to be exploited?

We predict KEV entries!