2 matches found
CVE-2024-1666
In lunary-ai/lunary version 1.0.0, an authorization flaw exists that allows unauthorized radar creation. The vulnerability stems from the lack of server-side checks to verify if a user is on a free account during the radar creation process, which is only enforced in the web UI. As a result,...
PT-2024-18211 · Lunary Ai · Lunary
Name of the Vulnerable Software and Affected Versions: lunary-ai/lunary version 1.0.0 Description: The issue is related to an authorization flaw that allows unauthorized radar creation. This flaw stems from the lack of server-side checks to verify if a user is on a free account during the radar...