PT-2025-12227 · Prisma +1 · Prismax +1

Name of the Vulnerable Software and Affected Versions: mintplex-labs/anything-llm versions prior to 1.2.2 Description: A vulnerability exists in the API endpoint "/embed/:embedId/stream-chat" where user-provided JSON is directly taken to the Prisma library's where clause. An attacker can exploit...