|Reported by:||mrose||Owned by:|
I was experimenting with Elgg 1.0. I was playing around with the admin section and I created a new member and gave that member admin privileges. I then logged out and logged back in as that new member and was able to edit my original member's profile and even ban the original member. I think it is a bad idea to give admins the power to ban or even edit other admin's info. Just a thought....