PT-2024-35092
Name of the Vulnerable Software and Affected Versions Fides versions prior to 2.50.0 Description The user invite acceptance API endpoint /api/v1/user/accept-invite lacks server-side password policy enforcement, allowing users to set arbitrarily weak passwords by bypassing client-side validation...