Lovable VDP: Users can change project visibility which requires high subscription by just changing request body

A Broken Access Control vulnerability was discovered that allowed users to change project visibility to higher subscription tiers by modifying the request body. The visibility was changed from the default setting to Personal or Workspace, bypassing subscription checks and enabling unauthorized...

Minio MinIO 安全漏洞

Minio MinIO is an open source object storage server from the US-based MinIO Minio. The product supports building infrastructures for machine learning, analytics, and application data workloads. A security vulnerability exists in MinIO that allows MITM to modify the request body to skip this check...