Org admin can delete pending invites in different org

Low
Advisory ID:CVE-2024-10452
Published:2024-10-28
Product:Grafana
CVSS Score:2.2
CVSS Vector:CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

Summary

Organization admins can delete pending invites created in an organization they are not part of.