AnythingLLM Cross-Site Scripting Vulnerability

AnythingLLM is a document chatbot that meets business requirements. AnythingLLM suffers from a cross-site scripting vulnerability that stems from the presence of a stored cross-site scripting XSS vulnerability...

AnythingLLM Security Vulnerability

AnythingLLM is a document chatbot that meets business requirements. A security vulnerability exists in AnythingLLM that originates from the possibility of brute-force decompression...

AnythingLLM Input Validation Error Vulnerability

AnythingLLM is a document chatbot that meets business requirements. An input validation error vulnerability exists in AnythingLLM that stems from the application failing to properly validate user input before passing it to prisma functions and other critical operations...

AnythingLLM Resource Management Error Vulnerability

AnythingLLM is a document chatbot that meets business requirements. AnythingLLM suffers from a resource management error vulnerability that stems from a denial of service that can be caused by uploading a large number of invalid files...

AnythingLLM Authorization Issues Vulnerability

AnythingLLM is a document chatbot that meets business requirements. AnythingLLM has an authorization issue vulnerability that stems from the presence of an improper authorization vulnerability...

AnythingLLM Access Control Error Vulnerability

AnythingLLM is a document chatbot that meets business requirements. AnythingLLM is vulnerable to an access control error vulnerability that stems from the presence of an access control error vulnerability...

AnythingLLM Security Vulnerability

AnythingLLM is a document chatbot that meets business requirements. AnythingLLM has a security vulnerability that stems from insufficient password checking...

AnythingLLM Code Issue Vulnerability

AnythingLLM is a document chatbot that meets business requirements. AnythingLLM has a code issue vulnerability that stems from the presence of a server-side request forgery vulnerability. The vulnerability can be exploited to obtain AWS server data...

AnythingLLM Security Vulnerability

AnythingLLM is a business-compliant document chatbot. AnythingLLM has a security vulnerability that stems from the lack of any validation and is capable of including malicious links into submitted document links in the workspace...

AnythingLLM SQL Injection Vulnerability

AnythingLLM is a document chatbot that meets business requirements. AnythingLLM versions prior to 0.0.1 suffer from a SQL injection vulnerability that stems from susceptibility to SQL injection attacks...