Open will-moore opened 1 month ago
I suspect the easiest workflow to reproduce this type of security violation would be to: 1- create a light administrator with permissions to create other users 2- log in to OMERO.web using this light administrator 3- try to create a full administrator using the OMERO.web admin UI i.e. create a new user and add it to the system group
https://www.openmicroscopy.org/qa2/qa/feedback/41761/