Description
Insecure Permissions vulnerability found in OpenGoofy Hippo4j v.1.4.3 allows attacker toescalate privileges via the AddUser method of the UserController function in Tenant Management module.
Remediation
References
https://github.com/opengoofy/hippo4j/issues/1061
Related Vulnerabilities
CVE-2023-26121 Vulnerability in npm package safe-eval
CVE-2018-20677 Vulnerability in maven package org.fujion.webjars:bootstrap
CVE-2021-28162 Vulnerability in npm package @wiptheia/core
CVE-2022-25927 Vulnerability in npm package ua-parser-js
CVE-2020-7793 Vulnerability in maven package org.webjars.npm:ua-parser-js