chasebowman-contrast

1 exploit Active since Sep 2024
CVE-2024-47210 WRITEUP HIGH WRITEUP
Gladys Assistant <4.45.1 - Privilege Escalation
Gladys Assistant before 4.45.1 allows Privilege Escalation (a user changing their own role) because req.body.role can be used in updateMySelf in server/api/controllers/user.controller.js.
CVSS 8.8