6 matches found
BIT-APPSMITH-2026-24042 Appsmith public apps can execute unpublished actions (viewMode confusion)
Appsmith is a platform to build admin panels, internal tools, and dashboards. In versions 1.94 and below, publicly accessible apps allow unauthenticated users to execute unpublished edit-mode actions by sending viewMode=false or omitting it to POST /api/v1/actions/execute. This bypasses the...
CVE-2026-24042 Appsmith public apps can execute unpublished actions (viewMode confusion)
Appsmith is a platform to build admin panels, internal tools, and dashboards. In versions 1.94 and below, publicly accessible apps allow unauthenticated users to execute unpublished edit-mode actions by sending viewMode=false or omitting it to POST /api/v1/actions/execute. This bypasses the...
CVE-2026-24042 Appsmith public apps can execute unpublished actions (viewMode confusion)
Appsmith is a platform to build admin panels, internal tools, and dashboards. In versions 1.94 and below, publicly accessible apps allow unauthenticated users to execute unpublished edit-mode actions by sending viewMode=false or omitting it to POST /api/v1/actions/execute. This bypasses the...
CVE-2026-24042
Appsmith (versions 1.94 and below) exposes an unauthenticated risk where public apps can execute unpublished (edit-mode) actions by sending viewMode=false or omitting it to POST /api/v1/actions/execute. The underlying cause is viewMode handling that bypasses the publish boundary, allowing executi...
CVE-2026-24042 Appsmith public apps can execute unpublished actions (viewMode confusion)
Appsmith is a platform to build admin panels, internal tools, and dashboards. In versions 1.94 and below, publicly accessible apps allow unauthenticated users to execute unpublished edit-mode actions by sending viewMode=false or omitting it to POST /api/v1/actions/execute. This bypasses the...
iOS: Certain Public Apps cannot be installed
When adding a public app store XenMobile server, it fails to install through the Secure Hub store on the end user's devices. No installation prompt is presented to the user and no mention of the application can be seen in XCode logs...