influxdb

InfluxDB OSS contains a business‑logic weakness — tracked as CVE‑2024‑30896 — that allowed an authorized user with an allAccess token in the same organization to enumerate and retrieve the administrative operator token, effectively enabling full administrative takeover of affected InfluxDB OSS...