CVE-2024-38514

NextChat is a cross-platform ChatGPT/Gemini UI. There is a Server-Side Request Forgery (SSRF) vulnerability due to a lack of validation of the `endpoint` GET parameter on the WebDav API endpoint. This SSRF can be used to perform arbitrary HTTPS request from the vulnerable instance (MKCOL, PUT and GET methods supported), or to target NextChat users and make them execute arbitrary JavaScript code in their browser. This vulnerability has been patched in version 2.12.4.

CVSS v3 7.4 HIGH

7.4^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/commit/dad122199a85c2f12277593973e1784b212adf5e
https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/security/advisories/GHSA-gph5-rx77-3pjg

Configurations

No configuration.

History

01 Jul 2024, 12:37

Type	Values Removed	Values Added
Summary		(es) NextChat es una interfaz de usuario ChatGPT/Gemini multiplataforma. Existe una vulnerabilidad de Server-Side Request Forgery (SSRF) debido a la falta de validación del parámetro GET "endpoint" en el endpoint de la API WebDav. Este SSRF se puede utilizar para realizar solicitudes HTTPS arbitrarias desde la instancia vulnerable (se admiten métodos MKCOL, PUT y GET), o para dirigirse a los usuarios de NextChat y hacer que ejecuten código JavaScript arbitrario en su navegador. Esta vulnerabilidad ha sido parcheada en la versión 2.12.4.

28 Jun 2024, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-28 19:15

Updated : 2024-07-01 12:37

NVD link : CVE-2024-38514

Mitre link : CVE-2024-38514

CVE.ORG link : CVE-2024-38514

JSON object : View

Products Affected

No product.

CWE

CWE-918

Server-Side Request Forgery (SSRF)

7.4 /10