Insufficient Server-Side Checks Allow Unauthorized Role Escalation in SITOS six Build v6.2.1
CVE-2019-15747 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
SITOS six Build v6.2.1 allows a user with the user role of Seminar Coordinator to escalate their permission to the Systemadministrator role due to insufficient checks on the server side.
Learn more about our Cis Benchmark Audit For Server Software.