Details
-
Bug
-
Resolution: Fixed
-
Blocker
-
4.2.3
-
None
Description
Under certain conditions it is possible for knowledgeable user to escalate his/her own privileges to more then originally assigned. The "user" in question must be valid user with access to admin central. The issue doesn't affect anonymous user.
Checklists
Attachments
Issue Links
- is related to
-
MAGNOLIA-2317 Reading user nodes without having correct privileges assigned
-
- Closed
-
-
MAGNOLIA-2318 Default user privileges are not enough for user to change their own preferences
-
- Closed
-
-
MAGNOLIA-2320 Remove hardcoded user permission modifications from UserEditDialog
-
- Closed
-
-
MGNLSTK-621 Demo users have too many privileges assigned
-
- Closed
-
- mentioned in
-
Wiki Page Loading...