CVE-2024-23329
Product/issue: changedetection.io Vulnerability: The API endpoint /api/v1/watch//history can be accessed by an unauthorized user, exposing watch history paths. The underlying cause is missing access control on the WatchHistory resource. Impact (as stated): Unauthorized access to watch history wit...