Dreyand

**Name of the Vulnerable Software and Affected Versions** OpenFlagr versions prior to and including 1.1.18 **Description** The software contains an authentication bypass issue in the HTTP middleware. Improper path normalization within the whitelist logic allows crafted requests to bypass authentication, granting access to protected API endpoints without valid credentials. This unauthorized access could potentially allow modification of feature flags and the export of sensitive data. **Recommendations** Update to a version later than 1.1.18.