Role Manipulation Vulnerability in THEHIVE PROJECT Cortex by TheHive Project
CVE-2018-20226
7.2HIGH
What is CVE-2018-20226?
A vulnerability exists in THEHIVE PROJECT Cortex versions before 2.1.3, where an organization administrator has the capability to add a super administrator. This occurs due to the inadequate implementation of the Role.toString method, which could potentially lead to unauthorized access and elevation of privileges within the application.
