In NodeBB prior to 3.6.7 an attacker was able to access the restricted tabs for the Admin group which are only allowed the the administrators.
{ "nvd_published_at": "2024-03-28T23:15:46Z", "cwe_ids": [], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-11-18T20:02:52Z" }