2011-10-02 01:00:00
jpcert
PUBLISHED
BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors.