4 matches found
CVE-2026-21721 Dashboard Permissions Scope Bypass Enables Cross‑Dashboard Privilege Escalation
The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions: action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege...
The vulnerability of the Permissions control element in Google Chrome and Microsoft Edge allows a hacker to replace the user interface.
The vulnerability of the Permissions control element in Google Chrome and Microsoft Edge is related to improper limitation of the layers or frames that are displayed in the user interface. Exploiting this vulnerability could allow a malicious actor to replace the user interface with a specially...
The vulnerability of the implementation of the “hyperkitty-permissions.sh” web interface for accessing Mailman archives in HyperKitty allows a perpetrator to increase their privileges.
The vulnerability of the “hyperkitty-permissions.sh” web interface implementation for accessing Mailman archives in HyperKitty relates to the tracking of symbolic links. Exploiting this vulnerability can allow attackers to increase their privileges...
Google Chrome for Mac, Windows and Linux Permissions Interface Forgery Vulnerability
Google Chrome for Mac, Windows and Linux is a web browser developed by Google for the Mac, Windows and Linux platforms.Permissions is one of the permissions licensing components. A security vulnerability exists in Permissions in versions of Google Chrome prior to 64.0.3282.119 for Windows, Mac an...