CVE-2024-55070

A Broken Object Level Authorization vulnerability in the component /households/permissions of hay-kot mealie v2.2.0 allows group managers to edit their own permissions. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt