CVE-2024-50619
CVE-2024-50619 affects CIPPlanner CIPAce prior to 9.17 in the My Account and User Management components. A low-privileged authenticated user can escalate privileges by tampering with the client’s user ID to access other accounts, and can elevate privileges by modifying information of a user role ...