CVE-2024-53450 | THREATINT

Description

RAGFlow 0.13.0 suffers from improper access control in document-hooks.ts, allowing unauthorized access to user documents.

PUBLISHED Reserved 2024-11-20 | Published 2024-12-09 | Updated 2024-12-11 | Assigner mitre

References

github.com/...b71231b1807533/web/src/hooks/document-hooks.ts

github.com/thanhtung4102/Unauthentication-in-Ragflow

cve.org (CVE-2024-53450)

nvd.nist.gov (CVE-2024-53450)

Download JSON

help @ threatint.eu