Описание
Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. A prompt injection allows an attacker to modify chatbot answer with an unloaded image that exfiltrates the user's sensitive chat data of the current session to a malicious third-party or attacker-controlled server.
EPSS
Процентиль: 6%
0.00024
Низкий
4 Medium
CVSS3
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 4
github
больше 1 года назад
Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. A prompt injection allows an attacker to modify chatbot answer with an unloaded image that exfiltrates the user's sensitive chat data of the current session to a malicious third-party or attacker-controlled server.
EPSS
Процентиль: 6%
0.00024
Низкий
4 Medium
CVSS3
Дефекты
CWE-77