CVE-2021-35970
CVE-2021-35970 affects Coral Talk 4 prior to 4.12.1. The issue arises from permission checks using an incorrect data type, enabling remote attackers to query GraphQL and discover email addresses and other sensitive information. Exploitation is remote and unauthenticated as described in the public...