“This vulnerability is only exploitable by an administrator or users who have exposed their Frigate install to the open internet with no authentication which allows anyone full administrative control.” High, but not critical

Finally a good news

Client data from Desjardins hack in 2017 is only resurfacing and beeing abused now. 2 years protection won’t do much for their affected clients. Five months from detection to disclosure is a disgrace for an institution.