Dradis · Dradis Pro · CVE-2019-19946
**Name of the Vulnerable Software and Affected Versions**
Dradis Pro version 3.4.1
**Description**
The issue allows any user to extract the content of a project, even if the user is not part of the project team, through the API.
**Recommendations**
For Dradis Pro version 3.4.1, consider restricting access to the API to prevent unauthorized project content extraction until a patch is available.