Privilege Escalation via Extra Parameters in Bonobo Git Server AccountController
CVE-2019-11218 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
Improper handling of extra parameters in the AccountController (User Profile edit) in Jakub Chodounsky Bonobo Git Server before 6.5.0 allows authenticated users to gain application administrator privileges via additional form parameter submissions.
Learn more about our Cis Benchmark Audit For Server Software.