Description

A path traversal vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410, allowing any user to delete other users' chat histories. This vulnerability can also be exploited to delete any files ending in `.json` on the target system, leading to a denial of service as users are unable to authenticate.

INFO

Published Date :

2024-06-27T18:40:51.125Z

Last Modified :

2025-10-15T12:50:32.559Z

Source :

@huntr_ai
AFFECTED PRODUCTS

The following products are affected by CVE-2024-6090 vulnerability.

Vendors Products
Gaizhenbiao
  • Chuanhuchatgpt
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-6090.

URL Resource
https://github.com/gaizhenbiao/chuanhuchatgpt/commit/526c615c437377ee9c71f866fd0f19011910f705 cve-icon cve-icon
https://huntr.com/bounties/bd0f8f89-5c8a-4662-89aa-a6861d84cf4c cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact