CVE-2024-3033 | mintplex-labs anything-llm up to 0.x Setting /api/v/ improper authorization

Posted by Angelo Barbosa | Jun 6, 2024 | CVE

A vulnerability classified as critical has been found in mintplex-labs anything-llm up to 0.x. This affects an unknown part of the file /api/v/ of the component Setting Handler. The manipulation leads to improper authorization.

This vulnerability is uniquely identified as CVE-2024-3033. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3033 | mintplex-labs anything-llm up to 0.x Setting /api/v/ improper authorization

Related Posts

CVE-2024-3925 | bdthemes Element Pack Elementor Addons Plugin up to 5.6.7 on WordPress cross site scripting

CVE-2024-27919 | Envoy HTTP/2 resource consumption

CVE-2024-25922 | Peach Payments Gateway Plugin up to 3.1.9 on WordPress authorization

CVE-2024-28128 | unclebob FitNesse up to 20220318 cross site scripting