Description
In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the workspace update process. Specifically, the application fails to validate or format JSON data sent in an HTTP POST request to `/api/workspace/:workspace-slug/update`, allowing it to be executed as part of a database query without restrictions. This flaw enables users with a manager role to craft a request that includes nested write operations, effectively allowing them to create new Administrator accounts.
References (2)
Core 2
Core References
Exploit, Third Party Advisory
https://huntr.com/bounties/34491fb7-5133-4e80-8782-74124350bbdb
Scores
CVSS v3
7.2
EPSS
0.0022
EPSS Percentile
44.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-20
Status
published
Products (1)
mintplexlabs/anythingllm
< 1.0.0
Published
May 20, 2024
Tracked Since
Feb 18, 2026