Lucene search

CVE-2024-3166

🗓️ 06 Jun 2024 19:00:16Reported by @huntr_aiType

XSS and RCE vulnerability in mintplex-labs/anything-llm

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 4
NVD	CVE-2024-3166	6 Jun 202419:16	–	nvd
Cvelist	CVE-2024-3166 Cross-Site Scripting (XSS) Vulnerability in mintplex-labs/anything-llm	6 Jun 202418:23	–	cvelist
Vulnrichment	CVE-2024-3166 Cross-Site Scripting (XSS) Vulnerability in mintplex-labs/anything-llm	6 Jun 202418:23	–	vulnrichment
OSV	CVE-2024-3166	6 Jun 202419:16	–	osv

Nvd

Vulners

Node

mintplexlabs anythingllm_desktopRange<1.4.2

mintplexlabs anythingllm_webappRange<1.2.0

[
  {
    "vendor": "mintplex-labs",
    "product": "mintplex-labs/anything-llm",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "1.4.2",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
huntr	www.huntr.com/bounties/af288bd3-8824-4216-a294-ae9fb444e5db
github	www.github.com/mintplex-labs/anything-llm/commit/fa27103d032c58904c49b92ee13fabc19a20a5ce

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Jun 2024 19:16Current

4.8Medium risk

Vulners AI Score4.8

CVSS33.4 - 9.6

EPSS0.00384

SSVC

CWE-79