Description ----------- The Drupal Security Team has found that the privilege system of Drupal can be circumvented in a very special case because an input check is not implemented properly.

Impact ------ If public registration is allowed then it is possible for an attacker to obtain additional user roles. As a result, an attacker could grant himself administration privileges.