CVE-2024-40531 Information

Description

An issue in UAB Lexita PanteraCRM CMS v.401.152 and Patera CRM CMS v.402.072 allows a remote attacker to escalate privileges via the user profile management function.

Reference

https://critical.lt/blog/authorization-bypass-and-mass-assignment-in-pantera-crm/