7 matches found
CVE-2025-4515
A vulnerability, which was classified as problematic, was found in Zylon PrivateGPT up to 0.6.2. This affects an unknown part of the file settings.yaml. The manipulation of the argument alloworigins leads to permissive cross-domain policy with untrusted domains. It is possible to initiate the...
CVE-2025-4515
creationtimestamp| type| source ---|---|--- 2025-05-10 21:27:06+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15911 2025-05-10 21:44:10+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lotuub3y3gt2 2025-05-11...
CVE-2025-4515
A vulnerability, which was classified as problematic, was found in Zylon PrivateGPT up to 0.6.2. This affects an unknown part of the file settings.yaml. The manipulation of the argument alloworigins leads to permissive cross-domain policy with untrusted domains. It is possible to initiate the...
CVE-2025-4515
CVE-2025-4515 affects Zylon PrivateGPT up to 0.6.2. The issue resides in an unknown part of settings.yaml where manipulating the allow_origins parameter yields a permissive cross-domain policy with untrusted domains, enabling remote initiation of an attack. Public disclosure exists. Practical imp...
CVE-2025-4515 Zylon PrivateGPT settings.yaml cross-domain policy
A vulnerability, which was classified as problematic, was found in Zylon PrivateGPT up to 0.6.2. This affects an unknown part of the file settings.yaml. The manipulation of the argument alloworigins leads to permissive cross-domain policy with untrusted domains. It is possible to initiate the...
CVE-2025-4515 Zylon PrivateGPT settings.yaml cross-domain policy
A vulnerability, which was classified as problematic, was found in Zylon PrivateGPT up to 0.6.2. This affects an unknown part of the file settings.yaml. The manipulation of the argument alloworigins leads to permissive cross-domain policy with untrusted domains. It is possible to initiate the...
CVE-2025-4515 Zylon PrivateGPT settings.yaml cross-domain policy
A vulnerability, which was classified as problematic, was found in Zylon PrivateGPT up to 0.6.2. This affects an unknown part of the file settings.yaml. The manipulation of the argument alloworigins leads to permissive cross-domain policy with untrusted domains. It is possible to initiate the...