Description
Improper Access Controls allows backend users to overwrite their username when disallowed.
Remediation
References
Related Vulnerabilities
WordPress Plugin Eyes Only:User Access Shortcode Cross-Site Scripting (1.8.2)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5730)
Plone CMS Missing Authentication for Critical Function Vulnerability (CVE-2020-35190)
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-34429)