| Title | Rowboat Labs RowBoat git checkout 8096eaf63b5a0732edd8f812bee05b78e214ee97 Unauthorized file upload |
|---|
| Description | The api defined in apps/rowboat/app/api/uploads/[fileId]/route.ts should not be available to anyone. Wrong configuration make anonymous can access to this api. |
|---|
| Source | ⚠️ https://github.com/rowboatlabs/rowboat/issues/166 |
|---|
| User | Anonymous User |
|---|
| Submission | 06/27/2025 03:45 (10 months ago) |
|---|
| Moderation | 07/06/2025 07:52 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 315026 [rowboatlabs rowboat up to 8096eaf63b5a0732edd8f812bee05b78e214ee97 Session route.ts PUT params missing authentication] |
|---|
| Points | 15 |
|---|