Security Advisory

CVE-2024-7473

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-29 12:48:38

Last updated 2024-11-03 18:27:26

Assigner @huntr_ai

State PUBLISHED

Description

An IDOR vulnerability exists in the Evaluations function of the umgws datasets section in lunary-ai/lunary versions 1.3.2. This vulnerability allows an authenticated user to update other users prompts by manipulating the id parameter in the request. The issue is fixed in version 1.4.3.

← Browse all CVEs View on cve.org ↗