5 matches found
CVE-2024-7783
mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT JSON Web Token used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of...
CVE-2024-7783 Improper Storage of Sensitive Information in Bearer Token in mintplex-labs/anything-llm
mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT JSON Web Token used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of...
CVE-2024-7783 Improper Storage of Sensitive Information in Bearer Token in mintplex-labs/anything-llm
mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT JSON Web Token used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of...
CVE-2024-7783 Improper Storage of Sensitive Information in Bearer Token in mintplex-labs/anything-llm
mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT JSON Web Token used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This improper storage of...
CVE-2024-7783
The CVE-2024-7783 entry concerns mintplex-labs/anything-llm. The vulnerability arises from storing a password inside a JWT used as a bearer token in single-user mode; when the token is decoded, the password is exposed in plaintext. This exposes sensitive credentials to anyone who gains access to ...