An insufficient database Row-Level Security policy in Lovable through 2025-04-15 allows remote unauthenticated attackers to read or write to arbitrary database tables of generated sites.
References
Configurations
No configuration.
History
25 Jun 2025, 15:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://gist.github.com/lhchavez/625ee42a6c408a850d35e50f8e649de9 - |
11 Jun 2025, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 May 2025, 16:31
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
30 May 2025, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-30 03:15
Updated : 2025-06-25 15:15
NVD link : CVE-2025-48757
Mitre link : CVE-2025-48757
CVE.ORG link : CVE-2025-48757
JSON object : View
Products Affected
No product.
CWE
CWE-863
Incorrect Authorization