
SS-2015-020: Privilege Escalation Risk in Security Admin

Severity:
Low
Identifier:
SS-2015-020
Versions Affected:
3.1.14-rc1
Versions Fixed:
3.1.14 stable
Release Date:
2015-09-15

A member who holds the EDIT_PERMISSIONS permission, but not ADMIN, is able to re-assign themselves (or another member) to a group that grants ADMIN, i.e. to escalate to administrator level.

The code that protected against this used to live in the TreeMultiselectField, which has since been replaced with the ListboxField. The actual check that the old field invoked was in Member::onChangeGroups; with the field swapped, that check was no longer reached on save, so the protection depended on which form field happened to be used rather than on the model itself.
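The following is an added example, not SilverStripe's own code, that models the check the advisory refers to and shows why tying it to a form field is fragile. The class and function names (Group, Member, on_change_groups, set_groups, the two field classes and the sample groups) are assumptions for illustration; the two field classes model the behaviour the advisory describes (one invokes the model check, the other does not), not the framework's real implementations.

```python
"""Added example (not SilverStripe's code): a model of the group-assignment check
behind SS-2015-020, and why enforcing it only from a form field is fragile.
All names below are assumptions for illustration."""
from dataclasses import dataclass, field

ADMIN = "ADMIN"
EDIT_PERMISSIONS = "EDIT_PERMISSIONS"


class PermissionDenied(Exception):
    pass


@dataclass(frozen=True)
class Group:
    id: int
    name: str
    permissions: frozenset


@dataclass
class Member:
    id: int
    name: str
    group_ids: set = field(default_factory=set)


def permissions_of(member, groups):
    """Effective permission codes of a member: the union over its groups."""
    return set().union(*(groups[g].permissions for g in member.group_ids if g in groups))


def admin_group_ids(groups):
    """IDs of every group that grants ADMIN, i.e. the groups a non-admin must not hand out."""
    return {g.id for g in groups.values() if ADMIN in g.permissions}


def on_change_groups(actor, target, new_group_ids, groups):
    """Model-level check: may `actor` set `target`'s groups to `new_group_ids`?

    An ADMIN actor may do anything. Anyone else (for example a holder of
    EDIT_PERMISSIONS) may not add an ADMIN-granting group that the target is
    not already in; that covers both self-promotion and promoting another member.
    """
    if ADMIN in permissions_of(actor, groups):
        return True
    admins = admin_group_ids(groups)
    newly_added_admin = (set(new_group_ids) & admins) - (target.group_ids & admins)
    return not newly_added_admin


# --- Enforcement from the form field (the fragile design) ---------------------

class TreeMultiselectField:
    """Models the older field, which invoked the model check when saving."""
    def save_into(self, actor, target, ids, groups):
        if not on_change_groups(actor, target, ids, groups):
            raise PermissionDenied("refusing to grant an ADMIN group")
        target.group_ids = set(ids)


class ListboxField:
    """Models the replacement field in the affected release: it saves the IDs
    without invoking the check, so the bug is a missing call, not a wrong check."""
    def save_into(self, actor, target, ids, groups):
        target.group_ids = set(ids)


# --- Enforcement in the model (survives a field swap) --------------------------

def set_groups(actor, target, ids, groups):
    """Hardened path: the model refuses the change whichever field submitted it."""
    if not on_change_groups(actor, target, ids, groups):
        raise PermissionDenied("refusing to grant an ADMIN group")
    target.group_ids = set(ids)
    return target


# Constructed sample data for the scenario below.
GROUPS = {
    1: Group(1, "Administrators", frozenset({ADMIN})),
    2: Group(2, "Security editors", frozenset({EDIT_PERMISSIONS})),
    3: Group(3, "Content authors", frozenset()),
}


def escalation_attempt(field_cls):
    """A Security editor tries to add themselves to Administrators through
    `field_cls`; returns True if they end up holding ADMIN."""
    bob = Member(2, "bob", {2})
    try:
        field_cls().save_into(bob, bob, {1, 2}, GROUPS)
    except PermissionDenied:
        pass
    return ADMIN in permissions_of(bob, GROUPS)
```

Running `escalation_attempt(ListboxField)` reproduces the advisory's condition (the editor ends up with ADMIN), while `escalation_attempt(TreeMultiselectField)` does not. The design point is that `set_groups` makes the outcome independent of the field: a check that only a particular UI widget invokes is lost as soon as that widget is replaced, so the refusal belongs on the model's write path.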

Thanks to Florian Thoma for reporting.