CVE-2023-50437
CVE-2023-50437 affects Couchbase Server prior to 7.2.4. The issue involves otpCookie being shown with full admin on endpoints /pools/default/serverGroups and engageCluster2, indicating overly permissive admin exposure. Root cause is not explicitly detailed beyond the admin-level OTP cookie handli...