2015-10-05 14:00:00
mitre
PUBLISHED
GLPI before 0.85.3 allows remote authenticated users to create super-admin accounts by leveraging permissions to create a user and the _profiles_id parameter to front/user.form.php.