Отправить #461120: ClassCMS V4.8 Improper Handling of Insufficient Permissions or PrivilegesИнформация

НазваниеClassCMS V4.8 Improper Handling of Insufficient Permissions or Privileges
ОписаниеA privilege escalation vulnerability exists in the model management module of Classcms. This allows accounts belonging to non-admin user groups to modify admin group users and change their group memberships to other user groups. If all users in the admin group are changed to other groups, the system will no longer have the ability to configure accounts for the admin group.
Источник⚠️ https://github.com/Jack-Black-13/blob/blob/main/ClassCMS%20V4.8%20Vertical%20Privilege%20Escalation.md
Пользователь
 vulbox (UID 78949)
Представление11.12.2024 15:30 (2 лет назад)
Модерация16.12.2024 09:53 (5 days later)
Статуспринято
Запись VulDB288535 [ClassCMS до 4.8 User Management Page admin?do=admin:user:editPost эскалация привилегий]
Баллы18

Want to stay up to date on a daily basis?

Enable the mail alert feature now!