2 matches found
wger: Privilege escalation via trainer-login session chaining allows gym trainer to impersonate gym manager
Summary A gym trainer can escalate their session to any higher-privileged account gym manager, general manager by chaining two calls to the trainer-login endpoint. Once a trainer performs a legitimate switch into a low-privileged user, the session flag trainer.identity is set and this flag alone...
PT-2026-41137
Name of the Vulnerable Software and Affected Versions wger version 2.5.0a2 Description A logical error in the permission check allows an authenticated gym trainer to escalate privileges to a gym manager or general manager account. By chaining two calls to the trainer-login endpoint, a trainer can...