PT-2025-13006 · Appsmith · Appsmith

Published 2025-03-26 · Updated 2025-07-09 · CVE-2024-55965

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Appsmith versions prior to 1.51

Description

An issue was discovered where users invited as "App Viewer" incorrectly have access to development information of a workspace, specifically a list of datasources in a workspace they're a member of. This information disclosure does not expose sensitive data in the datasources, such as database passwords and API Keys.

Recommendations

For versions prior to 1.51, update to version 1.51 or later to resolve the issue. As a temporary workaround, consider restricting access to development information for "App Viewer" users until the update is applied.

Fix

Weakness Enumeration

Incorrect Authorization

Related Identifiers

BIT-APPSMITH-2024-55604
BIT-APPSMITH-2024-55965
CVE-2024-55965
GHSA-794X-GM8V-2WJ6

Affected Products

Appsmith