In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Missing Authorization vulnerabilities in an interactive lesson.
Start learningUpgrade 9router to version 0.5.15 or higher.
9router is a 9Router CLI - Start and manage 9Router server
Affected versions of this package are vulnerable to Missing Authorization due to missing authentication checks on several API endpoints, including /api/providers, /api/usage/stats, /api/usage/request-logs, and /api/usage/request-details. An attacker can gain unauthorized access to sensitive information such as API keys, OAuth tokens, account IDs, email addresses, and full conversation histories, as well as perform unauthorized actions like creating, modifying, or deleting provider connections by sending crafted requests to these endpoints.