CVE-2022-32170

The “Bytebase� application does not restrict low privilege user to access admin “projects“ for which an unauthorized user can view the “projects“ created by “Admin� and the affected endpoint is “/api/project?user=${userId}�.

Source: CVE-2022-32170