
We found results for “”
CVE-2024-8613
Good to know:

Date: March 20, 2025
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240802 allows attackers to access, copy, and delete other users' chat histories. This issue arises due to improper handling of session data and lack of access control mechanisms, enabling attackers to view and manipulate chat histories of other users.
Severity Score
Severity Score
Weakness Type (CWE)
Improper Access Control
CWE-284Top Fix

Upgrade Version
Upgrade to version https://github.com/gaizhenbiao/chuanhuchatgpt.git - 20240918
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | NONE |