By leveraging the vulnerability, lower-privileged users of Content Manager can manipulate Content Manager clients to elevate privileges and perform unauthorized operations.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.