CVE-2007-2760
The CVE concerns Adempiere prior to version 3.1.6. The canUpdate function in model/MRole.java fails to properly validate user roles, enabling remote authenticated read-only users to obtain read-write privileges. This behavioral flaw is the root cause described across sources, resulting in a high-...