PT-2023-20167 · Apollo · Apollo
Name of the Vulnerable Software and Affected Versions: Apollo versions prior to 2.1.0 Description: A low-privileged user can create a special web page. If an authenticated portal admin visits this page, the page can silently send a request to assign new roles for that user without any confirmatio...