In Cerebrate 1.14, a vulnerability in UserSettingsController allows authenticated users to change user settings of other users.Referenceshttps://github.com/cerebrate-project/cerebrate/commit/8e616180ba0d6a1fcb8326dbe39307960ee1946c