Improper Access Control in RAGFlow Leads to Unauthorized Document Access
CVE-2024-53450
Currently unrated
What is CVE-2024-53450?
RAGFlow version 0.13.0 is affected by a vulnerability in its document-handling logic, specifically in document-hooks.ts. This flaw allows unauthorized users to access sensitive user documents. The lack of proper access controls can lead to significant data exposure and potential misuse of personal data. It is crucial for users of this version to implement the necessary security measures and consider updates to protect their information.