PT-2023-20659 · Cerebrate · Cerebrate

Published: 2023-02-23 · Updated: 2023-03-03 · CVE-2023-26468

CVSS v3.1: 9.1 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Cerebrate version 1.12

Description

The issue arises from the improper consideration of organisation id during the creation of API keys. This could potentially lead to unauthorized access or misuse of API keys.

Recommendations

For Cerebrate version 1.12, consider restricting access to API key creation until a proper fix is implemented to correctly handle organisation id. As a temporary workaround, manually verify the organisation id for each API key created to ensure it aligns with the intended organization.

Fix

Related Identifiers

CVE-2023-26468

Affected Products

Cerebrate