← Back to CVE List
CVE-2024-10953
An authenticated data.all user is able to perform mutating UPDATE operations on persisted Notification records in data.all for group notifications that their user is not a member of.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt