Submeter #461120: ClassCMS V4.8 Improper Handling of Insufficient Permissions or Privilegesinformação

TítuloClassCMS V4.8 Improper Handling of Insufficient Permissions or Privileges
DescriçãoA privilege escalation vulnerability exists in the model management module of Classcms. This allows accounts belonging to non-admin user groups to modify admin group users and change their group memberships to other user groups. If all users in the admin group are changed to other groups, the system will no longer have the ability to configure accounts for the admin group.
Fonte⚠️ https://github.com/Jack-Black-13/blob/blob/main/ClassCMS%20V4.8%20Vertical%20Privilege%20Escalation.md
Utilizador
 vulbox (UID 78949)
Submissão11/12/2024 15h30 (há 2 anos)
Moderação16/12/2024 09h53 (5 days later)
EstadoAceite
Entrada VulDB288535 [ClassCMS até 4.8 User Management Page admin?do=admin:user:editPost Elevação de Privilégios]
Pontos18

Do you know our Splunk app?

Download it now for free!