CVE-2024-5213 | mintplex-labs anything-llm up to 0.x Password Hash /api/request-token unknown vulnerability

Posted by Angelo Barbosa | Jun 20, 2024 | CVE

A vulnerability was found in mintplex-labs anything-llm up to 0.x. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /api/request-token of the component Password Hash Handler. The manipulation leads to exposure of sensitive information through metadata.

This vulnerability is handled as CVE-2024-5213. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-5213 | mintplex-labs anything-llm up to 0.x Password Hash /api/request-token unknown vulnerability

Related Posts

CVE-2024-27873 | Apple iOS/iPadOS Video out-of-bounds write

CVE-2024-29152 | Samsung Auto T5123 information disclosure

CVE-2024-22178 | Open Automation Software OAS Platform 19.00.0057 OAS Engine Save Security Configuration file inclusion (TALOS-2024-1951)

CVE-2024-9105 | UltimateAI Plugin up to 2.8.3 on WordPress improper authentication