Impact
The vulnerability in Chartbrew arises because the application performs its authorization check only on the project_id parameter when handling chart operations such as update and delete. No check is made that the supplied chart_id actually belongs to that project, so an authenticated user who is a member of any one project can read, modify, or delete charts that belong to other projects simply by changing the chart_id in the request. This is a classic Insecure Direct Object Reference (IDOR): it can expose sensitive data shown in other projects' charts, alter or delete chart definitions, and undermine both the integrity and the confidentiality of the data the application presents. The CVSS score of 6.5 indicates medium severity with a non-negligible impact when exploited.
Affected Systems
The affected product is Chartbrew, an open-source web application that connects to databases and APIs to build charts and dashboards. All installations of Chartbrew prior to version 4.8.1 are affected. Any authenticated user with access to at least one project can exploit the issue, regardless of which project the targeted chart belongs to; deployments where many users hold membership in some project (for example, self-service or multi-tenant setups) should therefore treat this as a cross-project data exposure.
Risk and Exploitability
The EPSS score of below 1% suggests that exploitation is unlikely in the near term, and the vulnerability is not listed in CISA's KEV catalog. However, the CVSS score of 6.5 reflects a moderate potential impact, and the attack is trivial to carry out: an attacker calls a chart update or delete endpoint with a project_id they are authorized for and a chart_id taken from another project. Because the only precondition is an authenticated session with membership in some project, the risk is real in any environment where accounts are handed out broadly. The recommended fix is to upgrade to version 4.8.1 or later and confirm the running version afterwards; until then, reduce exposure by limiting who can be added to projects and by restricting access to the chart update and delete endpoints.
OpenCVE Enrichment