A vulnerability classified as critical has been found in lunary-ai lunary up to 1.2.4. This affects an unknown part of the file /v1/users/me/org of the component API Response Handler. The manipulation of the argument recovery_token leads to information disclosure.
This vulnerability is uniquely identified as CVE-2024-5133. It is possible to initiate the attack remotely. There is no exploit available.