Insufficient Server-Side Checks Allow Unauthorized Role Escalation in SITOS six Build v6.2.1

Insufficient Server-Side Checks Allow Unauthorized Role Escalation in SITOS six Build v6.2.1

CVE-2019-15747 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SITOS six Build v6.2.1 allows a user with the user role of Seminar Coordinator to escalate their permission to the Systemadministrator role due to insufficient checks on the server side.

Learn more about our Cis Benchmark Audit For Server Software.