github.com/rancher/rancher is vulnerable to privilege escalation. An attacker with permission to create or edit cluster role template bindings or project role template bindings can gain administrator permissions in another project in the same cluster, or in a project on a different downstream cluster, because of an improper authorization mechanism in Rancher.
bugzilla.suse.com/show_bug.cgi?id=1199730
github.com/rancher/rancher/commit/05fab40d32dae197d112d54412464686d43a5fb1
github.com/rancher/rancher/commit/ae28532e1514adce1dd2efcc47f5c65f64bfe5c5
github.com/rancher/rancher/pull/38088
github.com/rancher/rancher/pull/38400
github.com/rancher/rancher/security/advisories/GHSA-6x34-89p7-95wg