Y
Hacker News
new
|
ask
|
show
|
jobs
by
josephcsible
931 days ago
It sounds to me like the sales users have full admin access, and just don't need most of the access that they have. If that's the case, then this still isn't a vulnerability, but I admit it would be one otherwise.
1 comments
nerdawson
930 days ago
The reference to roles left me with the impression that these users had limited permissions but I know nothing about OpenCart so I may be mistaken.
link