Home

Description

An issue was discovered in Appsmith before 1.51. Users invited as "App Viewer" incorrectly have access to development information of a workspace (specifically, a list of datasources in a workspace they're a member of). This information disclosure does not expose sensitive data in the datasources, such as database passwords and API Keys.

PUBLISHED Reserved 2024-12-13 | Published 2025-03-26 | Updated 2025-03-27 | Assigner mitre

References

github.com/...psmith/security/advisories/GHSA-794x-gm8v-2wj6

cve.org (CVE-2024-55965)

nvd.nist.gov (CVE-2024-55965)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.