Unrated severityNVD Advisory· Published Mar 20, 2025· Updated Mar 20, 2025
IDOR Vulnerability in transformeroptimus/superagi
CVE-2024-12048
Description
An IDOR (Insecure Direct Object Reference) vulnerability exists in transformeroptimus/superagi version v0.0.14. The application fails to properly check authorization for multiple API endpoints, allowing attackers to view, edit, and delete other users' information without proper authorization. Affected endpoints include but are not limited to /get/project/{project_id}, /get/schedule_data/{agent_id}, /delete/{agent_id}, /get/organisation/{organisation_id}, and /get/user/{user_id}.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = v0.0.14
- transformeroptimus/transformeroptimus/superagiv5Range: unspecified
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.