CVE-2020-28405

Name of the Vulnerable Software and Affected Versions: Star Practice Management Web version 2019.2.0.6

Description: An issue exists where improper authorization allows an unauthorized user to modify user privileges within the application. This can lead to the unauthorized user granting themselves administrative access or removing all administrative accounts.

Recommendations: For version 2019.2.0.6, consider restricting access to user management functions until a fix is available. As a temporary workaround, closely monitor user account changes and administrative access to minimize potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.