2 matches found
CVE-2024-4520 Improper Access Control in gaizhenbiao/chuanhuchatgpt
An improper access control vulnerability exists in the gaizhenbiao/chuanhuchatgpt application, specifically in version 20240410. This vulnerability allows any user on the server to access the chat history of any other user without requiring any form of interaction between the users. Exploitation ...
CVE-2024-4520
CVE-2024-4520 affects the gaizhenbiao/chuanhuchatgpt application (version 20240410). The root cause is insufficient access control in how chat history data is handled, allowing any server user to access another user’s chat history without interaction. Documented impact includes potential data bre...