CVE-2024-24566
CVE-2024-24566 affects Lobe Chat: improper access control lets users access plugins without password when ACCESS_CODE is used. Documented PoC shows exploitation via /api/plugin/gateway; impact is unauthorized plugin access. The issue is patched in version 0.122.4; remediation is to upgrade to 0.1...