Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
A wrong role assigned to PluginManager LIST permission as introduced in 1.8.0 causes a privilege escalation, allowing read-only and user group the same rights as the MANAGE permission: - enabling/disabling plugins - uninstalling plugins - listing installed plugins incl. their details - retrieving plugin notices - deleting orphaned plugin settings
- Loading branch information