API Key added for one Indices works for all other indices too.
Unknown
Vulnerability Details
Hi,
I created one API key and restricted it to only one index by adding it and gave it right for creating record.
Now this api can be used to add records in other indeces in same account.
Screenshot is attached
Actions
View on HackerOneReport Stats
- Report ID: 118925
- State: Closed
- Substate: resolved
- Upvotes: 5