An issue in SpringBlade v.3.7.0 and before allows a remote malicious user to escalate privileges via the lack of permissions control framework.
bladex springblade