提交 #461120: ClassCMS V4.8 Improper Handling of Insufficient Permissions or Privileges信息

标题ClassCMS V4.8 Improper Handling of Insufficient Permissions or Privileges
描述A privilege escalation vulnerability exists in the model management module of Classcms. This allows accounts belonging to non-admin user groups to modify admin group users and change their group memberships to other user groups. If all users in the admin group are changed to other groups, the system will no longer have the ability to configure accounts for the admin group.
来源⚠️ https://github.com/Jack-Black-13/blob/blob/main/ClassCMS%20V4.8%20Vertical%20Privilege%20Escalation.md
用户
 vulbox (UID 78949)
提交2024-12-11 15時30分 (2 年前)
管理2024-12-16 09時53分 (5 days later)
状态已接受
VulDB条目288535 [ClassCMS 直到 4.8 User Management Page admin?do=admin:user:editPost 权限提升]
积分18

Do you need the next level of professionalism?

Upgrade your account now!