Name of the Vulnerable Software and Affected Versions Drupal (affected versions not specified)

Description A security issue exists in the User module of Drupal. If specific contributed or custom code triggers a rebuild of the user profile form, a registered user can be granted all user roles on the site, potentially resulting in the user gaining administrative access.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.