Vulnerabilities in appsmithorg
10 results

CVE-2022-4096 | HIGH | Server-Side Request Forgery (SSRF) in appsmithorg/appsmith | EPSS 1.4%
CVE-2026-24042 | CRITICAL | Appsmith public apps can execute unpublished actions (viewMode confusion) | EPSS 0.6%
CVE-2026-22794 | CRITICAL | Account Takeover Vulnerability in Appsmith | EPSS 0.4%
CVE-2026-55454 | CRITICAL | Appsmith: Caddy admin API exposed without authentication | EPSS 0.3%
CVE-2026-30862 | CRITICAL | Critical Stored XSS & Privilege Escalation in Appsmith | EPSS 0.3%
CVE-2026-5418 | MEDIUM | appsmithorg appsmith Dashboard WebClientUtils.java computeDisallowedHosts server-side request forgery | EPSS 0.3%
CVE-2026-49979 | MEDIUM | Appsmith: SSRF via `POST /api/v1/admin/send-test-email` — JavaMail Bypasses WebClient IP Filter | EPSS 0.3%
CVE-2024-55604 | MEDIUM | Appsmith's Broken Access Control Allows Viewer Role User to Query Datasources | EPSS 0.2%
CVE-2026-50189 | HIGH | Appsmith: RCE via Supervisord XML-RPC Admin Interface Exposed via /supervisor Caddy Route | EPSS 0.2%
CVE-2026-55455 | MEDIUM | Appsmith: SSRF in REST API / GraphQL datasource plugins via insufficient host denylist | EPSS 0.2%