Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage.
{ "nvd_published_at": "2023-11-09T20:15:10Z", "cwe_ids": [ "CWE-269", "CWE-284" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-11-10T00:42:19Z" }