CVE-2018-17305

UiPath Orchestrator through 2018.2.4 allows any authenticated user to change the information of arbitrary users (even administrators) leading to privilege escalation and remote code execution. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt