PrivateGPT < 0.5.0 - Open Redirect

An open redirect vulnerability exists in imartinez/privategpt version 0.5.0 due to improper handling of the 'file' parameter. This vulnerability allows attackers to redirect users to a URL specified by user-controlled input without proper validation or sanitization. id: CVE-2024-5936 info: name:...

PrivateGPT 跨站脚本漏洞

PrivateGPT is an AI project open-sourced by Zylon. A cross-site scripting vulnerability exists in PrivateGPT version v0.5.0, which stems from cross-site scripting during file uploads, which allows an attacker to upload a malicious SVG file and execute JavaScript when the victim clicks on the file...