Description

gaizhenbiao/chuanhuchatgpt version git d4ec6a3 is affected by a local file inclusion vulnerability due to the use of the gradio component gr.JSON, which has a known issue (CVE-2024-4941). This vulnerability allows unauthenticated users to access arbitrary files on the server by uploading a specially crafted JSON file and exploiting the improper input validation in the handle_dataset_selection function.

INFO

Published Date :

2025-03-20T10:09:56.842Z

Last Modified :

2025-10-15T12:49:24.414Z

Source :

@huntr_ai
AFFECTED PRODUCTS

The following products are affected by CVE-2024-10707 vulnerability.

Vendors Products
Gaizhenbiao
  • Chuanhuchatgpt
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-10707.

URL Resource
https://huntr.com/bounties/98fdedea-6ad0-4157-b7d2-ae71c9786ee8 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact