Invision Power Board Privilege Escalation Vulnerability

Invision Power Board Privilege Escalation Vulnerability

Invision Power Board is affected by a privilege escalation vulnerability. This issue can allow an authenticated attacker to gain elevated privileges.

Specifically, non-root administrator can become part of the root administrator group without providing sufficient authentication credentials.

This can allow a non-root administrator to gain root administrator privileges including complete access to the application and the underlying database.

Invision Power Board versions 1.0 to 2.0.4 are affected by this issue.