logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2024-4151

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2024-4151

Description:
An Improper Access Control vulnerability exists in lunary-ai/lunary version 1.2.2, where users can view and update any prompts in any projects due to insufficient access control checks in the handling of PATCH and GET requests for template versions. This vulnerability allows unauthorized users to manipulate or access sensitive project data, potentially leading to data integrity and confidentiality issues.
Last updated date:
01/10/2025
Type:
exploit
Confidence:
HIGH
Date of publishing:
01/10/2025
Reference url to background

https://huntr.com/bounties/4acfef85-dedf-43bd-8438-0d8aaa4ffa01

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2025

Privacy Policy