CVE-2024-9970

The FlowMaster BPM Plus system from NewType has a privilege escalation vulnerability. Remote attackers with regular privileges can elevate their privileges to administrator by tampering with a specific cookie. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt