Invia #461120: ClassCMS V4.8 Improper Handling of Insufficient Permissions or Privilegesinformazioni

TitoloClassCMS V4.8 Improper Handling of Insufficient Permissions or Privileges
DescrizioneA privilege escalation vulnerability exists in the model management module of Classcms. This allows accounts belonging to non-admin user groups to modify admin group users and change their group memberships to other user groups. If all users in the admin group are changed to other groups, the system will no longer have the ability to configure accounts for the admin group.
Fonte⚠️ https://github.com/Jack-Black-13/blob/blob/main/ClassCMS%20V4.8%20Vertical%20Privilege%20Escalation.md
Utente
 vulbox (UID 78949)
Sottomissione11/12/2024 15:30 (2 anni fa)
Moderazione16/12/2024 09:53 (5 days later)
StatoAccettato
Voce VulDB288535 [ClassCMS fino a 4.8 User Management Page admin?do=admin:user:editPost escalationi di privilegi]
Punti18

Do you want to use VulDB in your project?

Use the official API to access entries easily!