Good’s Basic Laboratory Information System version 3.5 Improper Privilege Management Vulnerability
Computing For Good’s Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and earlier suffers from an instance of CWE-284, “Improper Access Control.”
The information has been provided by Aditi Shah
As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator.
Good’s Basic Laboratory Information System version 3.5