Описание
An insufficient database Row-Level Security policy in Lovable through 2025-04-15 allows remote unauthenticated attackers to read or write to arbitrary database tables of generated sites. NOTE: this is disputed by the Supplier because each individual customer of the Lovable platform accepts a responsibility over protecting the data of their application.
Ссылки
EPSS
Процентиль: 16%
0.00051
Низкий
9.3 Critical
CVSS3
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 9.3
github
8 месяцев назад
An insufficient database Row-Level Security policy in Lovable through 2025-04-15 allows remote unauthenticated attackers to read or write to arbitrary database tables of generated sites.
EPSS
Процентиль: 16%
0.00051
Низкий
9.3 Critical
CVSS3
Дефекты
CWE-863