CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Mintplexlabs: >> Anythingllm Docker >> 1.2.1 Security Vulnerabilities

CVE-2024-13060

A vulnerability in AnythingLLM Docker version 1.3.1 allows users with 'Default' permission to access other users' profile pictures by changing the 'id' parameter in the user cookie. This issue is present in versions prior to 1.3.1.

CVSS Score

4.3

EPSS Score

0.0

Published

2025-03-20

Page 1

Vulnerabilities

Vulnerable Software

Mintplexlabs: >> Anythingllm Docker >> 1.2.1 Security Vulnerabilities

Products

Pricing

Contact Us