Taskosaur version 1.0.0, an open source project management platform with conversational AI, contains a critical privilege escalation vulnerability. The application fails to properly validate the role parameter during user registration, allowing attackers to modify request payloads and assign themselves elevated privileges. The backend does not enforce role assignment restrictions or ignore client-supplied role parameters, enabling unauthenticated attackers to register accounts with SUPER_ADMIN privileges. This vulnerability allows complete administrative access to the platform without authentication.