1. API Security Flaw Exposes Internal Invite UUIDs in Duplicate Invite Error Responses
A low-severity security vulnerability in the organization's invitation API allows internal invite identifiers to be exposed through error responses. When the system detects a duplicate invite attempt for an email address that already carries a pending invite within the same organization, the API returns the existing in...