fix: API changelog from advisory merge (#11649)

This commit is contained in:
Pepe Fagoaga
2026-06-19 13:48:47 +02:00
committed by GitHub
parent bf3b5c2ba7
commit 7f96d895bb
+1 -1
View File
@@ -32,7 +32,7 @@ All notable changes to the **Prowler API** are documented in this file.
### 🔐 Security
- SAML logins now link to an existing account only when the asserted email domain matches the ACS endpoint and the user is already a member of that domain's tenant, fixing a cross-tenant account takeover [(GHSA-h8m9-jgf8-vwvp)](https://github.com/prowler-cloud/prowler/security/advisories/GHSA-h8m9-jgf8-vwvp) [(#XXXXX)](https://github.com/prowler-cloud/prowler/pull/XXXXX)
- SAML logins now link to an existing account only when the asserted email domain matches the ACS endpoint and the user is already a member of that domain's tenant, fixing a cross-tenant account takeover [(GHSA-h8m9-jgf8-vwvp)](https://github.com/prowler-cloud/prowler/security/advisories/GHSA-h8m9-jgf8-vwvp)
---