Security Advisory

CVE-2024-7297

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-07-30 16:13:48

Last updated 2026-03-27 15:51:29

Assigner tenable

State PUBLISHED

Description

Langflow versions prior to 1.0.13 suffer from a Privilege Escalation vulnerability, allowing a remote and low privileged attacker to gain super admin privileges by performing a mass assignment request on the /api/v1/users endpoint.

← Browse all CVEs View on cve.org ↗