Improper Access Control

github.com/rancher/rancher is vulnerable to Improper Access Control. The vulnerability is due to the API proxy not dropping the impersonation header before sending the request to the Kubernetes API, allowing an authenticated user to impersonate any user on a…Read More