Security

📄️ Security Policy

📄️ CVE-2022-46145

Unauthorized user creation and potential account takeover

📄️ CVE-2022-46172

Existing Authenticated Users can Create Arbitrary Accounts

📄️ CVE-2022-23555

Token reuse in invitation URLs leads to access control bypass via the use of a different enrollment flow