2025-05-15 00:00:00
mitre
PUBLISHED
In BlueWave Checkmate before 2.1, an authenticated regular user can access sensitive application secrets via the /api/v1/settings endpoint.