Refine your search
6 vulnerabilities found for by appsmithorg
CVE-2026-5418 (GCVE-0-2026-5418)
Vulnerability from cvelistv5
Published
2026-04-02 18:30
Modified
2026-04-03 12:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-918 - Server-Side Request Forgery
Summary
A vulnerability was identified in appsmithorg appsmith up to 1.97. Impacted is the function computeDisallowedHosts of the file app/server/appsmith-interfaces/src/main/java/com/appsmith/util/WebClientUtils.java of the component Dashboard. Such manipulation leads to server-side request forgery. The attack may be launched remotely. The exploit is publicly available and might be used. Upgrading to version 1.99 is recommended to address this issue. The affected component should be upgraded. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| appsmithorg | appsmith |
Version: 1.0 Version: 1.1 Version: 1.2 Version: 1.3 Version: 1.4 Version: 1.5 Version: 1.6 Version: 1.7 Version: 1.8 Version: 1.9 Version: 1.10 Version: 1.11 Version: 1.12 Version: 1.13 Version: 1.14 Version: 1.15 Version: 1.16 Version: 1.17 Version: 1.18 Version: 1.19 Version: 1.20 Version: 1.21 Version: 1.22 Version: 1.23 Version: 1.24 Version: 1.25 Version: 1.26 Version: 1.27 Version: 1.28 Version: 1.29 Version: 1.30 Version: 1.31 Version: 1.32 Version: 1.33 Version: 1.34 Version: 1.35 Version: 1.36 Version: 1.37 Version: 1.38 Version: 1.39 Version: 1.40 Version: 1.41 Version: 1.42 Version: 1.43 Version: 1.44 Version: 1.45 Version: 1.46 Version: 1.47 Version: 1.48 Version: 1.49 Version: 1.50 Version: 1.51 Version: 1.52 Version: 1.53 Version: 1.54 Version: 1.55 Version: 1.56 Version: 1.57 Version: 1.58 Version: 1.59 Version: 1.60 Version: 1.61 Version: 1.62 Version: 1.63 Version: 1.64 Version: 1.65 Version: 1.66 Version: 1.67 Version: 1.68 Version: 1.69 Version: 1.70 Version: 1.71 Version: 1.72 Version: 1.73 Version: 1.74 Version: 1.75 Version: 1.76 Version: 1.77 Version: 1.78 Version: 1.79 Version: 1.80 Version: 1.81 Version: 1.82 Version: 1.83 Version: 1.84 Version: 1.85 Version: 1.86 Version: 1.87 Version: 1.88 Version: 1.89 Version: 1.90 Version: 1.91 Version: 1.92 Version: 1.93 Version: 1.94 Version: 1.95 Version: 1.96 Version: 1.97 cpe:2.3:a:appsmith:appsmith:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5418",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-03T12:59:49.042923Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-03T12:59:56.016Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:appsmith:appsmith:*:*:*:*:*:*:*:*"
],
"modules": [
"Dashboard"
],
"product": "appsmith",
"vendor": "appsmithorg",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "1.3"
},
{
"status": "affected",
"version": "1.4"
},
{
"status": "affected",
"version": "1.5"
},
{
"status": "affected",
"version": "1.6"
},
{
"status": "affected",
"version": "1.7"
},
{
"status": "affected",
"version": "1.8"
},
{
"status": "affected",
"version": "1.9"
},
{
"status": "affected",
"version": "1.10"
},
{
"status": "affected",
"version": "1.11"
},
{
"status": "affected",
"version": "1.12"
},
{
"status": "affected",
"version": "1.13"
},
{
"status": "affected",
"version": "1.14"
},
{
"status": "affected",
"version": "1.15"
},
{
"status": "affected",
"version": "1.16"
},
{
"status": "affected",
"version": "1.17"
},
{
"status": "affected",
"version": "1.18"
},
{
"status": "affected",
"version": "1.19"
},
{
"status": "affected",
"version": "1.20"
},
{
"status": "affected",
"version": "1.21"
},
{
"status": "affected",
"version": "1.22"
},
{
"status": "affected",
"version": "1.23"
},
{
"status": "affected",
"version": "1.24"
},
{
"status": "affected",
"version": "1.25"
},
{
"status": "affected",
"version": "1.26"
},
{
"status": "affected",
"version": "1.27"
},
{
"status": "affected",
"version": "1.28"
},
{
"status": "affected",
"version": "1.29"
},
{
"status": "affected",
"version": "1.30"
},
{
"status": "affected",
"version": "1.31"
},
{
"status": "affected",
"version": "1.32"
},
{
"status": "affected",
"version": "1.33"
},
{
"status": "affected",
"version": "1.34"
},
{
"status": "affected",
"version": "1.35"
},
{
"status": "affected",
"version": "1.36"
},
{
"status": "affected",
"version": "1.37"
},
{
"status": "affected",
"version": "1.38"
},
{
"status": "affected",
"version": "1.39"
},
{
"status": "affected",
"version": "1.40"
},
{
"status": "affected",
"version": "1.41"
},
{
"status": "affected",
"version": "1.42"
},
{
"status": "affected",
"version": "1.43"
},
{
"status": "affected",
"version": "1.44"
},
{
"status": "affected",
"version": "1.45"
},
{
"status": "affected",
"version": "1.46"
},
{
"status": "affected",
"version": "1.47"
},
{
"status": "affected",
"version": "1.48"
},
{
"status": "affected",
"version": "1.49"
},
{
"status": "affected",
"version": "1.50"
},
{
"status": "affected",
"version": "1.51"
},
{
"status": "affected",
"version": "1.52"
},
{
"status": "affected",
"version": "1.53"
},
{
"status": "affected",
"version": "1.54"
},
{
"status": "affected",
"version": "1.55"
},
{
"status": "affected",
"version": "1.56"
},
{
"status": "affected",
"version": "1.57"
},
{
"status": "affected",
"version": "1.58"
},
{
"status": "affected",
"version": "1.59"
},
{
"status": "affected",
"version": "1.60"
},
{
"status": "affected",
"version": "1.61"
},
{
"status": "affected",
"version": "1.62"
},
{
"status": "affected",
"version": "1.63"
},
{
"status": "affected",
"version": "1.64"
},
{
"status": "affected",
"version": "1.65"
},
{
"status": "affected",
"version": "1.66"
},
{
"status": "affected",
"version": "1.67"
},
{
"status": "affected",
"version": "1.68"
},
{
"status": "affected",
"version": "1.69"
},
{
"status": "affected",
"version": "1.70"
},
{
"status": "affected",
"version": "1.71"
},
{
"status": "affected",
"version": "1.72"
},
{
"status": "affected",
"version": "1.73"
},
{
"status": "affected",
"version": "1.74"
},
{
"status": "affected",
"version": "1.75"
},
{
"status": "affected",
"version": "1.76"
},
{
"status": "affected",
"version": "1.77"
},
{
"status": "affected",
"version": "1.78"
},
{
"status": "affected",
"version": "1.79"
},
{
"status": "affected",
"version": "1.80"
},
{
"status": "affected",
"version": "1.81"
},
{
"status": "affected",
"version": "1.82"
},
{
"status": "affected",
"version": "1.83"
},
{
"status": "affected",
"version": "1.84"
},
{
"status": "affected",
"version": "1.85"
},
{
"status": "affected",
"version": "1.86"
},
{
"status": "affected",
"version": "1.87"
},
{
"status": "affected",
"version": "1.88"
},
{
"status": "affected",
"version": "1.89"
},
{
"status": "affected",
"version": "1.90"
},
{
"status": "affected",
"version": "1.91"
},
{
"status": "affected",
"version": "1.92"
},
{
"status": "affected",
"version": "1.93"
},
{
"status": "affected",
"version": "1.94"
},
{
"status": "affected",
"version": "1.95"
},
{
"status": "affected",
"version": "1.96"
},
{
"status": "affected",
"version": "1.97"
},
{
"status": "unaffected",
"version": "1.99"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Executio (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in appsmithorg appsmith up to 1.97. Impacted is the function computeDisallowedHosts of the file app/server/appsmith-interfaces/src/main/java/com/appsmith/util/WebClientUtils.java of the component Dashboard. Such manipulation leads to server-side request forgery. The attack may be launched remotely. The exploit is publicly available and might be used. Upgrading to version 1.99 is recommended to address this issue. The affected component should be upgraded. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T18:30:14.217Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-354855 | appsmithorg appsmith Dashboard WebClientUtils.java computeDisallowedHosts server-side request forgery",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/354855"
},
{
"name": "VDB-354855 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/354855/cti"
},
{
"name": "Submit #780190 | appsmithorg appsmith v1.97 Server-Side Request Forgery",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/780190"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/appsmithorg/appsmith/security/advisories/GHSA-9m89-5jw7-q5cr"
},
{
"tags": [
"product"
],
"url": "https://github.com/appsmithorg/appsmith/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-02T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-04-02T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-04-02T13:10:22.000Z",
"value": "VulDB entry last update"
}
],
"title": "appsmithorg appsmith Dashboard WebClientUtils.java computeDisallowedHosts server-side request forgery"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-5418",
"datePublished": "2026-04-02T18:30:14.217Z",
"dateReserved": "2026-04-02T11:05:13.808Z",
"dateUpdated": "2026-04-03T12:59:56.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-30862 (GCVE-0-2026-30862)
Vulnerability from cvelistv5
Published
2026-03-09 22:26
Modified
2026-03-10 14:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.96, a Critical Stored XSS vulnerability exists in the Table Widget (TableWidgetV2). The root cause is a lack of HTML sanitization in the React component rendering pipeline, allowing malicious attributes to be interpolated into the DOM. By leveraging the "Invite Users" feature, an attacker with a regular user account (user@gmail.com) can force a System Administrator to execute a high-privileged API call (/api/v1/admin/env), resulting in a Full Administrative Account Takeover. This vulnerability is fixed in 1.96.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| appsmithorg | appsmith |
Version: < 1.96 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-30862",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T14:19:16.121188Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T14:19:20.885Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/appsmithorg/appsmith/security/advisories/GHSA-5hw4-whxv-6794"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "appsmith",
"vendor": "appsmithorg",
"versions": [
{
"status": "affected",
"version": "\u003c 1.96"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.96, a Critical Stored XSS vulnerability exists in the Table Widget (TableWidgetV2). The root cause is a lack of HTML sanitization in the React component rendering pipeline, allowing malicious attributes to be interpolated into the DOM. By leveraging the \"Invite Users\" feature, an attacker with a regular user account (user@gmail.com) can force a System Administrator to execute a high-privileged API call (/api/v1/admin/env), resulting in a Full Administrative Account Takeover. This vulnerability is fixed in 1.96."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-09T22:26:11.163Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/appsmithorg/appsmith/security/advisories/GHSA-5hw4-whxv-6794",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/appsmithorg/appsmith/security/advisories/GHSA-5hw4-whxv-6794"
}
],
"source": {
"advisory": "GHSA-5hw4-whxv-6794",
"discovery": "UNKNOWN"
},
"title": "Critical Stored XSS \u0026 Privilege Escalation in Appsmith"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-30862",
"datePublished": "2026-03-09T22:26:11.163Z",
"dateReserved": "2026-03-05T21:27:35.342Z",
"dateUpdated": "2026-03-10T14:19:20.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24042 (GCVE-0-2026-24042)
Vulnerability from cvelistv5
Published
2026-01-22 03:52
Modified
2026-01-22 12:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
Appsmith is a platform to build admin panels, internal tools, and dashboards. In versions 1.94 and below, publicly accessible apps allow unauthenticated users to execute unpublished (edit-mode) actions by sending viewMode=false (or omitting it) to POST /api/v1/actions/execute. This bypasses the expected publish boundary where public viewers should only execute published actions, not edit-mode versions. An attack can result in sensitive data exposure, execution of edit‑mode queries and APIs, development data access, and the ability to trigger side effect behavior. This issue does not have a released fix at the time of publication.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| appsmithorg | appsmith |
Version: <= 1.94 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24042",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-22T12:27:45.874857Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T12:28:28.202Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "appsmith",
"vendor": "appsmithorg",
"versions": [
{
"status": "affected",
"version": "\u003c= 1.94"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Appsmith is a platform to build admin panels, internal tools, and dashboards. In versions 1.94 and below, publicly accessible apps allow unauthenticated users to execute unpublished (edit-mode) actions by sending viewMode=false (or omitting it) to POST /api/v1/actions/execute. This bypasses the expected publish boundary where public viewers should only execute published actions, not edit-mode versions. An attack can result in sensitive data exposure, execution of edit\u2011mode queries and APIs, development data access, and the ability to trigger side effect behavior. This issue does not have a released fix at the time of publication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T03:52:54.463Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/appsmithorg/appsmith/security/advisories/GHSA-j9qq-4fj9-9883",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/appsmithorg/appsmith/security/advisories/GHSA-j9qq-4fj9-9883"
}
],
"source": {
"advisory": "GHSA-j9qq-4fj9-9883",
"discovery": "UNKNOWN"
},
"title": "Appsmith public apps can execute unpublished actions (viewMode confusion)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-24042",
"datePublished": "2026-01-22T03:52:54.463Z",
"dateReserved": "2026-01-20T22:30:11.777Z",
"dateUpdated": "2026-01-22T12:28:28.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22794 (GCVE-0-2026-22794)
Vulnerability from cvelistv5
Published
2026-01-12 21:54
Modified
2026-01-13 19:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-346 - Origin Validation Error
Summary
Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.93, the server uses the Origin value from the request headers as the email link baseUrl without validation. If an attacker controls the Origin, password reset / email verification links in emails can be generated pointing to the attacker’s domain, causing authentication tokens to be exposed and potentially leading to account takeover. This vulnerability is fixed in 1.93.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| appsmithorg | appsmith |
Version: < 1.93 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22794",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T14:14:36.568773Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T19:08:29.794Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/appsmithorg/appsmith/security/advisories/GHSA-7hf5-mc28-xmcv"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "appsmith",
"vendor": "appsmithorg",
"versions": [
{
"status": "affected",
"version": "\u003c 1.93"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.93, the server uses the Origin value from the request headers as the email link baseUrl without validation. If an attacker controls the Origin, password reset / email verification links in emails can be generated pointing to the attacker\u2019s domain, causing authentication tokens to be exposed and potentially leading to account takeover. This vulnerability is fixed in 1.93."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.7,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346: Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-12T21:54:52.803Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/appsmithorg/appsmith/security/advisories/GHSA-7hf5-mc28-xmcv",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/appsmithorg/appsmith/security/advisories/GHSA-7hf5-mc28-xmcv"
},
{
"name": "https://github.com/appsmithorg/appsmith/commit/6f9ee6226bac13fb4b836940b557913fff78b633",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/appsmithorg/appsmith/commit/6f9ee6226bac13fb4b836940b557913fff78b633"
}
],
"source": {
"advisory": "GHSA-7hf5-mc28-xmcv",
"discovery": "UNKNOWN"
},
"title": "Account Takeover Vulnerability in Appsmith"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-22794",
"datePublished": "2026-01-12T21:54:52.803Z",
"dateReserved": "2026-01-09T18:27:19.389Z",
"dateUpdated": "2026-01-13T19:08:29.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-55604 (GCVE-0-2024-55604)
Vulnerability from cvelistv5
Published
2025-03-25 14:15
Modified
2025-03-25 14:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-280 - Improper Handling of Insufficient Permissions or Privileges
Summary
Appsmith is a platform to build admin panels, internal tools, and dashboards. Users invited as "App Viewer" should not have access to development information of a workspace. Datasources are such a component in a workspace. Yet, in versions of Appsmith prior to 1.51, app viewers are able to get a list of datasources in a workspace they're a member of. This information disclosure does NOT expose sensitive data in the datasources, such as database passwords and API Keys. The attacker needs to have been invited to a workspace as a "viewer", by someone in that workspace with access to invite. The attacker then needs to be able to signup/login to that Appsmith instance. The issue is patched in version 1.51. No known workarounds are available.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| appsmithorg | appsmith |
Version: < 1.51 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-55604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-25T14:44:30.776825Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T14:44:39.532Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "appsmith",
"vendor": "appsmithorg",
"versions": [
{
"status": "affected",
"version": "\u003c 1.51"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Appsmith is a platform to build admin panels, internal tools, and dashboards. Users invited as \"App Viewer\" should not have access to development information of a workspace. Datasources are such a component in a workspace. Yet, in versions of Appsmith prior to 1.51, app viewers are able to get a list of datasources in a workspace they\u0027re a member of. This information disclosure does NOT expose sensitive data in the datasources, such as database passwords and API Keys. The attacker needs to have been invited to a workspace as a \"viewer\", by someone in that workspace with access to invite. The attacker then needs to be able to signup/login to that Appsmith instance. The issue is patched in version 1.51. No known workarounds are available."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-280",
"description": "CWE-280: Improper Handling of Insufficient Permissions or Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T14:15:05.339Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/appsmithorg/appsmith/security/advisories/GHSA-794x-gm8v-2wj6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/appsmithorg/appsmith/security/advisories/GHSA-794x-gm8v-2wj6"
}
],
"source": {
"advisory": "GHSA-794x-gm8v-2wj6",
"discovery": "UNKNOWN"
},
"title": "Appsmith\u0027s Broken Access Control Allows Viewer Role User to Query Datasources"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-55604",
"datePublished": "2025-03-25T14:15:05.339Z",
"dateReserved": "2024-12-09T14:22:52.524Z",
"dateUpdated": "2025-03-25T14:44:39.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4096 (GCVE-0-2022-4096)
Vulnerability from cvelistv5
Published
2022-11-21 00:00
Modified
2025-04-14 18:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Summary
Server-Side Request Forgery (SSRF) in GitHub repository appsmithorg/appsmith prior to 1.8.2.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| appsmithorg | appsmithorg/appsmith |
Version: unspecified < 1.8.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:27:54.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/7969e834-5982-456e-9683-861a7a5e2d22"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/appsmithorg/appsmith/commit/769719ccfe667f059fe0b107a19ec9feb90f2e40"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4096",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T18:11:49.008641Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T18:16:48.161Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "appsmithorg/appsmith",
"vendor": "appsmithorg",
"versions": [
{
"lessThan": "1.8.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) in GitHub repository appsmithorg/appsmith prior to 1.8.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-21T00:00:00.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/7969e834-5982-456e-9683-861a7a5e2d22"
},
{
"url": "https://github.com/appsmithorg/appsmith/commit/769719ccfe667f059fe0b107a19ec9feb90f2e40"
}
],
"source": {
"advisory": "7969e834-5982-456e-9683-861a7a5e2d22",
"discovery": "EXTERNAL"
},
"title": "Server-Side Request Forgery (SSRF) in appsmithorg/appsmith"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-4096",
"datePublished": "2022-11-21T00:00:00.000Z",
"dateReserved": "2022-11-21T00:00:00.000Z",
"dateUpdated": "2025-04-14T18:16:48.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}