CVE-2025-2334

274056675 springboot-openai-chatgpt Chat History chat deleteChat access control

CVSS 5.3 MEDIUMEPSS 0.5%CWE-266 CWE-284

A vulnerability classified as problematic has been found in 274056675 springboot-openai-chatgpt e84f6f5. This affects the function deleteChat of the file /api/mjkj-chat/chat/ai/delete/chat of the component Chat History Handler. The manipulation of the argument chatListId leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Produtos afetados

274056675 · springboot-openai-chatgpt

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://vuldb.com/?ctiid.299799 https://vuldb.com/?id.299799 https://vuldb.com/?submit.505688 https://www.cnblogs.com/aibot/p/18732182