If it's only enabling admin-on-admin violence, I don't think we need to work this under embargo. If it's possible for a less-privileged admin to leverage this for effective privilege escalation to a different and more-privileged admin account then I can see issuing an official advisory, but it doesn't seem like we need the added weight of solving this under secrecy and should switch the report to public security.
If it's only enabling admin-on-admin violence, I don't think we need to work this under embargo. If it's possible for a less-privileged admin to leverage this for effective privilege escalation to a different and more-privileged admin account then I can see issuing an official advisory, but it doesn't seem like we need the added weight of solving this under secrecy and should switch the report to public security.