Public CVE-2024-28328 disclosure

An issue in Insurance Management System v.1.0.0 and before allows a remote attacker to escalate privileges via a crafted POST request to /admin/core/new_staff.