[HIGH] Pterodactyl does not revoke SFTP access when server is deleted or permissions reduced

PKSA-zfwd-jx3t-62gc CVE-2025-68954 GHSA-8c39-xppg-479c

Affected package: pterodactyl/panel

Affected version: <1.12.0

Reported by:
GitHub