Lucene search
K

5 matches found

NVD
NVD
added 2024/10/29 1:15 p.m.29 views

CVE-2024-7783

mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT JSON Web Token used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of...

7.5CVSS0.00335EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/10/29 12:49 p.m.17 views

CVE-2024-7783 Improper Storage of Sensitive Information in Bearer Token in mintplex-labs/anything-llm

mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT JSON Web Token used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of...

5.9CVSS6.6AI score0.00335EPSS
Exploits1References2
CVE
CVE
added 2024/10/29 12:49 p.m.93 views

CVE-2024-7783

The CVE-2024-7783 entry concerns mintplex-labs/anything-llm. The vulnerability arises from storing a password inside a JWT used as a bearer token in single-user mode; when the token is decoded, the password is exposed in plaintext. This exposes sensitive credentials to anyone who gains access to ...

7.5CVSS5.8AI score0.00335EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/10/29 12:49 p.m.28 views

CVE-2024-7783 Improper Storage of Sensitive Information in Bearer Token in mintplex-labs/anything-llm

mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT JSON Web Token used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of...

5.9CVSS0.00335EPSS
Exploits1References2
OSV
OSV
added 2024/10/29 12:49 p.m.12 views

CVE-2024-7783 Improper Storage of Sensitive Information in Bearer Token in mintplex-labs/anything-llm

mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT JSON Web Token used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of...

5.9CVSS6.3AI score0.00335EPSS
Exploits1References4
Rows per page
Query Builder