Fix account privilege escalation vulnerability

A check is only done to verify a Trusted User isn't promoting their
account. An attacker can send tampered account type POST data to
change their "User" level account to a "Developer" account.

Add check so that all users cannot increase their own account
permissions.

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>

0 files changed, 0 insertions, 0 deletions