← voltar
CVE-2024-5935

CSRF Vulnerability in imartinez/privategpt

CVSS 5.4 MEDIUMEPSS 0.2%CWE-352
A Cross-Site Request Forgery (CSRF) vulnerability in version 0.5.0 of imartinez/privategpt allows an attacker to delete all uploaded files on the server. This can lead to data loss and service disruption for the application's users.
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Produtos afetados
imartinez · imartinez/privategpt

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://huntr.com/bounties/b374f1c9-fa25-4b52-a34d-5153afd5a295