CVE-2024-0439

Name of the Vulnerable Software and Affected Versions SoftwareX (affected versions not specified)

Description The issue allows managers to modify certain settings that they should not have access to, despite these settings being hidden in the UI for convenience. Managers can still modify these settings using their token through a standard HTTP request. This is not considered a critical issue but needs to be patched to enforce the expected permission level.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.