github.com/kubeoperator/kubepi is vulnerable to Improper Access Control. A remote attacker is able to bypass the system’s preset permission settings to access restricted API interfaces which leak sensitive user information. The vulnerability also impacts how online applications handle routing permissions.Read More