01642 06 11 11 Arrange Call

Privilege Escalation via Extra Parameters in Bonobo Git Server AccountController

CVE-2019-11218 · MEDIUM

CVE-2019-11218

Improper handling of extra parameters in the AccountController (User Profile edit) in Jakub Chodounsky Bonobo Git Server before 6.5.0 allows authenticated users to gain application administrator privileges via additional form parameter submissions.

Learn more about our Cis Benchmark Audit For Server Software.