An authenticated attacker can adjust his assigned role in the response header and gain admin access to the app.
Could we have more details on this problem? Also, we need a Jira if it is a real CVE.
(In reply to Marek Novotny from comment #1)
> Could we have more details on this problem? Also we need a jira if it is
> real CVE.

Hi Marek,

Please reach Alexandre Porcelli; he has the reproducer.
I am able to successfully replicate this. The user can intercept the response and edit the role (from developer to admin in my test case), and he will get admin privileges in the console.
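The privilege-escalation pattern reproduced above, as an added illustration that is not code from the bug report or the affected product: a console that echoed the user's role to the client and then trusted the role the client presented back, beside a version that resolves the role from the server-side session. The header name (X-Role), the session table, and the /admin/users path are assumptions made for this example.

```python
# Added example (not the product's code). Models a console whose privilege check
# trusted a client-presented role, and the fix that looks the role up server-side.

SESSIONS = {  # constructed sample session store: session id -> authenticated user
    "sess-123": {"user": "dev1", "role": "developer"},
    "sess-999": {"user": "root", "role": "admin"},
}

PRIVILEGED_ACTIONS = {"/admin/users": "admin"}  # assumed path requiring admin


def authorize_vulnerable(request):
    """Trusts the role the client presents (originally echoed in a response header).
    Rewriting 'developer' to 'admin' on the way through a proxy passes this check."""
    required = PRIVILEGED_ACTIONS.get(request["path"])
    if required is None:
        return True
    return request["headers"].get("X-Role") == required


def authorize_fixed(request):
    """Resolves the role from the server-side session; the client-supplied header
    is never consulted, so tampering with it changes nothing."""
    required = PRIVILEGED_ACTIONS.get(request["path"])
    if required is None:
        return True
    session = SESSIONS.get(request["cookies"].get("session"))
    if session is None:
        return False
    return session["role"] == required


def role_mismatch(request):
    """Detection aid: flag requests whose presented role differs from the session's
    real role, which is the signature of the tampering described in the report."""
    session = SESSIONS.get(request["cookies"].get("session"))
    presented = request["headers"].get("X-Role")
    return session is not None and presented is not None and presented != session["role"]


def tampered_request():
    # constructed request: a developer's session whose role header was rewritten
    return {"path": "/admin/users",
            "cookies": {"session": "sess-123"},
            "headers": {"X-Role": "admin"}}


def legitimate_admin_request():
    # constructed request: a genuine admin session with a consistent header
    return {"path": "/admin/users",
            "cookies": {"session": "sess-999"},
            "headers": {"X-Role": "admin"}}
```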