Lucene search
K

5 matches found

NVD
NVD
added 2024/10/29 1:15 p.m.29 views

CVE-2024-7783

mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT JSON Web Token used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of...

7.5CVSS0.00335EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/10/29 12:49 p.m.17 views

CVE-2024-7783 Improper Storage of Sensitive Information in Bearer Token in mintplex-labs/anything-llm

mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT JSON Web Token used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of...

5.9CVSS6.6AI score0.00335EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/10/29 12:49 p.m.28 views

CVE-2024-7783 Improper Storage of Sensitive Information in Bearer Token in mintplex-labs/anything-llm

mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT JSON Web Token used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of...

5.9CVSS0.00335EPSS
Exploits1References2
OSV
OSV
added 2024/10/29 12:49 p.m.12 views

CVE-2024-7783 Improper Storage of Sensitive Information in Bearer Token in mintplex-labs/anything-llm

mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT JSON Web Token used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of...

5.9CVSS6.3AI score0.00335EPSS
Exploits1References4
CVE
CVE
added 2024/10/29 12:49 p.m.93 views

CVE-2024-7783

The CVE-2024-7783 entry concerns mintplex-labs/anything-llm. The vulnerability arises from storing a password inside a JWT used as a bearer token in single-user mode; when the token is decoded, the password is exposed in plaintext. This exposes sensitive credentials to anyone who gains access to ...

7.5CVSS5.8AI score0.00335EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder