Pyload · Pyload · CVE-2026-40071
**Name of the Vulnerable Software and Affected Versions**
pyLoad versions prior to 0.5.0b3.dev97
**Description**
Certain WebUI JSON endpoints enforce weaker permissions than the core API methods they invoke, allowing authenticated low-privileged users to execute MODIFY operations that should be denied by the permission model. Specifically, users with ADD permissions can reorder packages and files via endpoints '/json/package_order' and '/json/link_order', while users with DELETE permissions can abort downloads via '/json/abort_link'. This occurs because these endpoints call core API functions `order_package()`, `order_file()`, and `stop_downloads()`, which normally require MODIFY permissions, but the endpoints themselves use weaker authorization checks.
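The endpoint/API permission mismatch described above, as an added example that is not pyLoad's own code: a small model of WebUI endpoint gates versus core-API requirements, with an audit function that flags any endpoint whose gate does not cover the permission its API method needs. The `Perm` flag values, the endpoint tables and the function names are constructed for illustration.

```python
from enum import IntFlag


class Perm(IntFlag):
    """Bit flags modelled on pyLoad's permission categories; values are constructed."""
    ADD = 1
    DELETE = 2
    MODIFY = 4


# Permission each core API method requires (per the advisory, all three are MODIFY operations).
API_REQUIRED = {
    "order_package": Perm.MODIFY,
    "order_file": Perm.MODIFY,
    "stop_downloads": Perm.MODIFY,
}

# Vulnerable layout: the endpoint's own gate and the core API method it forwards to.
ENDPOINTS_BEFORE = {
    "/json/package_order": (Perm.ADD, "order_package"),
    "/json/link_order": (Perm.ADD, "order_file"),
    "/json/abort_link": (Perm.DELETE, "stop_downloads"),
}

# Hardened layout: each endpoint gate is exactly what the called API method requires.
ENDPOINTS_AFTER = {
    path: (API_REQUIRED[api], api) for path, (_, api) in ENDPOINTS_BEFORE.items()
}


def find_privilege_gaps(endpoints, api_required):
    """Return (path, gate, api, needed) for every endpoint whose gate lacks a bit the API needs."""
    gaps = []
    for path, (gate, api) in endpoints.items():
        needed = api_required[api]
        if needed & gate != needed:  # gate does not imply the API's requirement
            gaps.append((path, gate, api, needed))
    return gaps


def call_endpoint(endpoints, path, user_perms):
    """Simulate the WebUI: only the endpoint gate is checked, then the core API runs
    without re-authorising the caller. Returns True when the operation executes."""
    gate, _api = endpoints[path]
    return user_perms & gate == gate
```

Running the audit over `ENDPOINTS_BEFORE` reports all three endpoints from the advisory, while `ENDPOINTS_AFTER` reports none and denies an ADD-only user the reorder.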
**Recommendations**
Update to version 0.5.0b3.dev97.