CVE-2024-7473 – Lunary-ai Lunary IDOR

10月 29, 2024
2:16 pm

CVE ID : CVE-2024-7473

Published : Oct. 29, 2024, 1:15 p.m. | 1 hour, 1 minute ago

Description : An IDOR vulnerability exists in the ‘Evaluations’ function of the ‘umgws datasets’ section in lunary-ai/lunary versions 1.3.2. This vulnerability allows an authenticated user to update other users’ prompts by manipulating the ‘id’ parameter in the request. The issue is fixed in version 1.4.3.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-7473 – Lunary-ai Lunary IDOR

Elvescore.io

Recent Posts

CVE-2024-8447 – Narayana LRA Coordinator Denial of Service Vulnerability

CVE-2024-48197 – Audiocodes MP-202b Cross Site Scripting Privilege Escalation

CVE-2024-56199 – phpMyFAQ HTML Injection Vulnerability

CVE-2025-0173 – SourceCodester Online Eyewear Shop SQL Injection Vulnerability

CVE-2024-11716 – CTFd Team Bracket Reassignment Vulnerability ( Privilege Escalation )

CVE-2024-11717 – CTFd TokenForgeable Authentication

CVE-2024-7473 – Lunary-ai Lunary IDOR

CVE-2024-7473 – Lunary-ai Lunary IDOR