CVE-2023-5833
The connected Huntr document provides concrete details for CVE-2023-5833: an improper access control flaw in mintplex-labs/anything-llm prior to 0.1.0 that allows overwriting backend environment variables via the /api/system/update-env endpoint. The vulnerability arises from how KEY_MAPPING expos...