CVE-2024-7473
IDOR Vulnerability in lunary-ai/lunary
An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in lunary-ai/lunary versions 1.3.2. This vulnerability allows an authenticated user to update other users' prompts by manipulating the 'id' parameter in the request. The issue is fixed in version 1.4.3.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Productos afectados
lunary-ai · lunary-ai/lunary¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →