提出 #461120: ClassCMS V4.8 Improper Handling of Insufficient Permissions or Privileges情報

タイトルClassCMS V4.8 Improper Handling of Insufficient Permissions or Privileges
説明A privilege escalation vulnerability exists in the model management module of Classcms. This allows accounts belonging to non-admin user groups to modify admin group users and change their group memberships to other user groups. If all users in the admin group are changed to other groups, the system will no longer have the ability to configure accounts for the admin group.
ソース⚠️ https://github.com/Jack-Black-13/blob/blob/main/ClassCMS%20V4.8%20Vertical%20Privilege%20Escalation.md
ユーザー
 vulbox (UID 78949)
送信2024年12月11日 15:30 (2 年 ago)
モデレーション2024年12月16日 09:53 (5 days later)
ステータス承諾済み
VulDBエントリ288535 [ClassCMS 迄 4.8 User Management Page admin?do=admin:user:editPost 特権昇格]
ポイント18

Do you want to use VulDB in your project?

Use the official API to access entries easily!