Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.93, the server uses the Origin value from the request headers as the email link baseUrl without validation. If an attacker controls the Origin, password reset / email verification links in emails can be generated pointing to the attacker’s domain, causing authentication tokens to be exposed and potentially leading to account takeover. This vulnerability is fixed in 1.93.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HAppsmith
APPAppsmith< 1.93
Related vulnerabilities
Appsmith: SSRF umożliwia przejęcie konfiguracji reverse proxy Caddy
Stored XSS w Appsmith Table Widget prowadzący do przejęcia konta admina
Appsmith: nieuwierzytelniony dostęp do akcji trybu edycji (brak autoryzacji)
Appsmith: RCE przez błędnie skonfigurowany PostgreSQL w kontenerze Docker
Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, Appsmith's bundled...