OpenCTI: Privilege escalation via the GraphQL API by organization admins, due to an incorrect ACL on userEdit relationAdd
An organization admin can escalate their privileges by adding a user with higher privileges, who belongs to a different organization, to their own organization.