In BlueWave Checkmate through 2.0.2 before d4a6072, an invite request can be modified to specify a privileged role.