Описание
A Cross-Site Request Forgery (CSRF) vulnerability in version 0.5.0 of imartinez/privategpt allows an attacker to delete all uploaded files on the server. This can lead to data loss and service disruption for the application's users.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:pribai:privategpt:0.5.0:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00056
Низкий
5.4 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 5.4
github
больше 1 года назад
A Cross-Site Request Forgery (CSRF) vulnerability in version 0.5.0 of imartinez/privategpt allows an attacker to delete all uploaded files on the server. This can lead to data loss and service disruption for the application's users.
EPSS
Процентиль: 17%
0.00056
Низкий
5.4 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-352