← volver
CVE-2024-5935

CSRF Vulnerability in imartinez/privategpt

CVSS 5.4 MEDIUMEPSS 0.2%CWE-352
A Cross-Site Request Forgery (CSRF) vulnerability in version 0.5.0 of imartinez/privategpt allows an attacker to delete all uploaded files on the server. This can lead to data loss and service disruption for the application's users.
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Productos afectados
imartinez · imartinez/privategpt

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://huntr.com/bounties/b374f1c9-fa25-4b52-a34d-5153afd5a295