Vulnerabilities > Cerebrate Project > Cerebrate > 1.12
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-05 | CVE-2023-41908 | Missing Authorization vulnerability in Cerebrate-Project Cerebrate Cerebrate before 1.15 lacks the Secure attribute for the session cookie. | 5.3 |
| 2023-02-24 | CVE-2023-26468 | Unspecified vulnerability in Cerebrate-Project Cerebrate 1.12 Cerebrate 1.12 does not properly consider organisation_id during creation of API keys. | 9.1 |