Description
An Editor can overwrite a dashboard not owned by them to acquire admin on that specific dashboard. The user must have write access to the dashboard to escalate privilege.
Remediation
References
Related Vulnerabilities
SugarCRM Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3803)
WordPress Plugin Connector for Gravity Forms and Google Sheets Cross-Site Scripting (1.1.0)
MongoDb Reachable Assertion Vulnerability (CVE-2024-3374)
WordPress Plugin WP AmASIN-The Amazon Affiliate Shop Directory Traversal (0.9.6)