5 matches found
CVE-2020-6949
A privilege escalation issue was discovered in the postUser function in HashBrown CMS through 1.3.3. An editor user can change the password hash of an admin user's account, or otherwise reconfigure that account...
CVE-2020-6949
A privilege escalation issue was discovered in the postUser function in HashBrown CMS through 1.3.3. An editor user can change the password hash of an admin user's account, or otherwise reconfigure that account...
Privilege escalation
A privilege escalation issue was discovered in the postUser function in HashBrown CMS through 1.3.3. An editor user can change the password hash of an admin user's account, or otherwise reconfigure that account...
CVE-2020-6949
HashBrown CMS up to version 1.3.3 contains a privilege-escalation flaw in the postUser function. An editor user can modify the password hash of an admin account or reconfigure that account, enabling lateral/admin access. The vulnerability is described across multiple sources (HashBrown CMS ecosys...
CVE-2020-6949
A privilege escalation issue was discovered in the postUser function in HashBrown CMS through 1.3.3. An editor user can change the password hash of an admin user's account, or otherwise reconfigure that account...