PT-2022-19822
Name of the Vulnerable Software and Affected Versions AlekSIS-Core versions 2.8.1 and below Description An access control issue in aleksis/core/util/auth helpers.py, specifically in the ClientProtectedResourceMixin, allows attackers to access arbitrary scopes if no allowed scopes are specifically...