Sa7Mon

**Name of the Vulnerable Software and Affected Versions** FACTION versions prior to 1.4.3 **Description** The issue allows an attacker to bypass authentication by registering a new user with admin privileges at any time without authorization. The registration request must follow validation rules, such as providing all required information and using a secure password, but there are no additional controls to prevent this action. **Recommendations** For versions prior to 1.4.3, update to version 1.4.3 to resolve the issue.