CVE-2022-44009 Information

Description

Improper access control in Key-Value RBAC in StackStorm version 3.7.0 didn’t check the permissions in Jinja filters allowing attackers to access K/V pairs of other users potentially leading to the exposure of sensitive Information.

Reference

https://stackstorm.com/2022/12/v3-8-0-released/