Lucene search

GitHub_MCVELIST:CVE-2024-38514

HistoryJun 28, 2024 - 6:11 p.m.

CVE-2024-38514 NextChat Server-Side Request Forgery (SSRF)

2024-06-2818:11:02

CWE-918

GitHub_M

www.cve.org

nextchat

ssrf

vulnerability

patched

version 2.12.4

webdav api

https

javascript

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

NextChat is a cross-platform ChatGPT/Gemini UI. There is a Server-Side Request Forgery (SSRF) vulnerability due to a lack of validation of the endpoint GET parameter on the WebDav API endpoint. This SSRF can be used to perform arbitrary HTTPS request from the vulnerable instance (MKCOL, PUT and GET methods supported), or to target NextChat users and make them execute arbitrary JavaScript code in their browser. This vulnerability has been patched in version 2.12.4.

CNA Affected

[
  {
    "vendor": "ChatGPTNextWeb",
    "product": "ChatGPT-Next-Web",
    "versions": [
      {
        "version": "< 2.12.4",
        "status": "affected"
      }
    ]
  }
]

References

github.com/ChatGPTNextWeb/ChatGPT-Next-Web/commit/dad122199a85c2f12277593973e1784b212adf5e

github.com/ChatGPTNextWeb/ChatGPT-Next-Web/security/advisories/GHSA-gph5-rx77-3pjg

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVELIST:CVE-2024-38514