Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-2388 Easy privilege escalation from user preferences
  3. MAGNOLIA-2392

Attempt to assign unallowed group or role corrupts user node

    XMLWordPrintable

Details

    • Sub-task
    • Resolution: Fixed
    • Major
    • 4.0
    • 3.6.2
    • admininterface
    • None

    Description

      When user tries to assign themselves extra privileges without having proper right to do so, the user node gets corrupted and such user has to be deleted. Attempt to do so, should be logged, but user should not be locked out completely.

      Attachments

        Activity

          People

            had Jan Haderka
            had Jan Haderka
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: