Описание
Chainlit versions prior to 2.8.5 contain an authorization bypass through user-controlled key vulnerability. If this vulnerability is exploited, threads may be viewed or thread ownership may be obtained by an attacker who can log in to the product.
EPSS
Процентиль: 8%
0.0003
Низкий
4.2 Medium
CVSS3
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 4.2
github
24 дня назад
Chainlit contains an authorization bypass vulnerability
EPSS
Процентиль: 8%
0.0003
Низкий
4.2 Medium
CVSS3
Дефекты
CWE-639