CVE-2024-22422 | Mintplex-Labs AnythingLLM data-export Endpoint filename unusual condition (GHSA-xmj6-g32r-fc5q)

Inserito da Angelo Barbosa | Gen 19, 2024 | CVE

A vulnerability was found in Mintplex-Labs AnythingLLM. It has been rated as problematic. Affected by this issue is some unknown functionality of the component data-export Endpoint. The manipulation of the argument filename leads to improper check for unusual conditions.

This vulnerability is handled as CVE-2024-22422. The attack may be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-22422 | Mintplex-Labs AnythingLLM data-export Endpoint filename unusual condition (GHSA-xmj6-g32r-fc5q)

Post correlati

CVE-2023-52131 | WP Zinc Page Generator Plugin up to 1.7.1 on WordPress sql injection

CVE-2023-3942 | ZkTeco ZAM170-NF 1.8.25-7354-Ver1.0.0 sql injection (K-ZkTeco-2023-005)

CVE-2024-6278 | lahirudanushka School Management System 1.0.0/1.0.1 Subject Page subject.php update sql injection

CVE-2024-29006 | Apache CloudStack up to 4.18.1.0/4.19.0.0 HTTP Header X-Forwarded-For authentication spoofing