Tag
Brave CMS versions prior to 2.0.6 are vulnerable to privilege escalation due to a missing authorization check in the update role endpoint, allowing any authenticated user to gain Super Admin privileges.