exploitDog

CVE-2024-48144

Опубликовано: 24 окт. 2024

Источник: nvd

CVSS3: 9.1

EPSS Низкий

Описание

A prompt injection vulnerability in the chatbox of Fusion Chat Chat AI Assistant Ask Me Anything v1.2.4.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message.

Ссылки

EPSS

Процентиль: 40%

0.00182

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-77

Связанные уязвимости

GHSA-jg3p-mpfh-w2hg

CVSS3: 9.1

github

больше 1 года назад

A prompt injection vulnerability in the chatbox of Fusion Chat Chat AI Assistant Ask Me Anything v1.2.4.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message.

EPSS

Процентиль: 40%

0.00182

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-77