AI Score
Confidence
Low
EPSS
Percentile
20.2%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
A Server-Side Request Forgery (SSRF) in pictureproxy.php of ChatGPT commit f9f4bbc allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the urlparameter.
[
{
"cpes": [
"cpe:2.3:a:dirk1983:chatgpt:f9f4bbc:*:*:*:*:*:*:*"
],
"vendor": "dirk1983",
"product": "chatgpt",
"versions": [
{
"status": "affected",
"version": "f9f4bbc"
}
],
"defaultStatus": "unknown"
}
]