CVE-2005-1708
The CVE affects Blue Coat Reporter before 7.1.2, where templates.admin.users.user_form_processing allows an authenticated user to elevate to administrator by sending an HTTP POST that sets volatile.user.administrator to true. Root cause is improper handling of admin-flag assignment via user form ...