📦 Appsmith

This vulnerability allows unauthenticated attackers to execute unpublished edit-mode actions in publicly accessible Appsmith applications. Attackers can access sensitive data, run unauthorized queries...

This vulnerability allows authenticated attackers to execute arbitrary commands within Appsmith Docker containers by exploiting a misconfigured PostgreSQL instance. It affects all Appsmith deployments...

Appsmith versions before 1.51 have an incorrect access control vulnerability where users with 'App Viewer' permissions can view development information (specifically datasource lists) in workspaces th...

This vulnerability allows any authenticated user without admin permissions to trigger the restart API in Appsmith, causing a denial of service through repeated server restarts. It affects all Appsmith...

Appsmith versions before 1.51 allow users with 'App Viewer' permissions to list datasources in workspaces they're invited to, which constitutes an information disclosure vulnerability. This affects or...