templates.admin.users.user_form_processing in Blue Coat Reporter prior to 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bluecoat reporter |