UI/Manage.pm in Foswiki 1.1.0 and 1.1.1 allows remote authenticated users to gain privileges by modifying the GROUP and ALLOWTOPICCHANGE preferences in the topic preferences for Main.AdminGroup.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
foswiki foswiki 1.1.0 |
||
foswiki foswiki 1.1.1 |