2 matches found
CVE-2024-22422
creationtimestamp| type| source ---|---|--- 2024-01-19 02:26:47+00:00| seen| https://t.me/ctinow/170037 2024-01-26 01:17:01+00:00| seen| https://t.me/ctinow/173904...
CVE-2024-22422
CVE-2024-22422 affects AnythingLLM. The vulnerability is in the public, unauthenticated data-export API route that uses the filename parameter to export files. A crafted input can bypass directory-filtering and crash the server when the export is deleted, yielding an unauthenticated Denial of Ser...