High severity8.8NVD Advisory· Published Sep 2, 2020· Updated Jun 17, 2026
CVE-2020-24028
CVE-2020-24028
Description
ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates. NOTE: as of 2025-10-14, the Supplier's perspective is that this "does not allow administrative privilege gain. Authorization is enforced server-side, restricting actions to the user’s own permission scope."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ForLogic/Qualiexdescription
Patches
Vulnerability mechanics
References
2- forlogic.netnvdVendor Advisory
- qualiex.comnvdProductVendor Advisory
News mentions
0No linked articles in our index yet.