Improper access control in Sakai - CVE-2024-47876
Published: October 15, 2024 / Updated: April 28, 2026
Sakai
Detailed vulnerability description
The vulnerability allows a remote attacker to gain unauthorized access to the system.
The vulnerability exists due to improper access control in kernel user account handling when processing logins for users created with the type roleview. A remote attacker can authenticate using such an account to gain unauthorized access to the system.