In version v0.0.14 of transformeroptimus/superagi, there is an improper privilege management vulnerability. After logging into the system, users can change the passwords of other users, leading to potential account takeover.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HSuperagi
APPSuperagi0.0.14
Powiązane podatności
SuperAGI version v0.0.14 is vulnerable to an unauthenticated Denial of Service (DoS) attack. The vulnerability...
An IDOR (Insecure Direct Object Reference) vulnerability exists in transformeroptimus/superagi version v0.0.14...
A Path Traversal vulnerability exists in the file upload functionality of transformeroptimus/superagi version ...
An information disclosure vulnerability exists in the latest version of transformeroptimus/superagi. An attack...
SuperAGI is vulnerable to remote code execution in the latest version. The `agent template update` API allows ...