Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not properly disable groups, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a group membership.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation10 reference(s) from NVD