Lucene search
MitreCVE-2024-27564HistoryMar 05, 2024 - 5:15 p.m.
CVE-2024-27564
2024-03-0517:15:06
CWE-918
mitre
web.nvd.nist.gov
25
cve-2024-27564
ssrf
server-side request forgery
chatgpt
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
AI Score
7.1
Confidence
Low
EPSS
0.001
Percentile
20.2%
A Server-Side Request Forgery (SSRF) in pictureproxy.php of ChatGPT commit f9f4bbc allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the urlparameter.
References
Related
prion
prion
Server side request forgery (ssrf)
2024-03-05 17:15:00
nvd
nvd
CVE-2024-27564
2024-03-05 17:15:06
nuclei
nuclei
ChatGPT个人专用版 - Server Side Request Forgery
2024-03-30 06:53:35
cvelist
cvelist
CVE-2024-27564
2024-03-05 00:00:00
vulnrichment
vulnrichment
CVE-2024-27564
2024-03-05 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
AI Score
7.1
Confidence
Low
EPSS
0.001
Percentile
20.2%
Related for CVE-2024-27564