2019-04-11 16:16:21
mitre
PUBLISHED
UiPath Orchestrator through 2018.2.4 allows any authenticated user to change the information of arbitrary users (even administrators) leading to privilege escalation and remote code execution.