> This potentially allows the malicious user to act as the admin on a project another user has the admin role on
... which in many cases can effectively grant the user global admin privileges.
> This potentially allows the malicious user to act as the admin on a project another user has the admin role on
... which in many cases can effectively grant the user global admin privileges.