Search criteria
6 vulnerabilities by ChatGPTNextWeb
CVE-2026-7644 (GCVE-0-2026-7644)
Vulnerability from cvelistv5 – Published: 2026-05-02 15:00 – Updated: 2026-05-02 15:00
VLAI?
Title
ChatGPTNextWeb NextChat actions.ts addMcpServer improper authorization
Summary
A vulnerability has been found in ChatGPTNextWeb NextChat up to 2.16.1. Affected is the function addMcpServer of the file app/mcp/actions.ts. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ChatGPTNextWeb | NextChat |
Affected:
2.16.0
Affected: 2.16.1 |
Credits
{
"containers": {
"cna": {
"affected": [
{
"product": "NextChat",
"vendor": "ChatGPTNextWeb",
"versions": [
{
"status": "affected",
"version": "2.16.0"
},
{
"status": "affected",
"version": "2.16.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Yu.Bao (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in ChatGPTNextWeb NextChat up to 2.16.1. Affected is the function addMcpServer of the file app/mcp/actions.ts. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-02T15:00:13.502Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-360756 | ChatGPTNextWeb NextChat actions.ts addMcpServer improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/360756"
},
{
"name": "VDB-360756 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/360756/cti"
},
{
"name": "Submit #806851 | ChatGPTNextWeb NextChat 2.16.1 Unauthenticated Remote Code Execution",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/806851"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/ChatGPTNextWeb/NextChat/issues/6757"
},
{
"tags": [
"product"
],
"url": "https://github.com/ChatGPTNextWeb/NextChat/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-01T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-01T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-01T18:39:12.000Z",
"value": "VulDB entry last update"
}
],
"title": "ChatGPTNextWeb NextChat actions.ts addMcpServer improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7644",
"datePublished": "2026-05-02T15:00:13.502Z",
"dateReserved": "2026-05-01T16:34:02.930Z",
"dateUpdated": "2026-05-02T15:00:13.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7643 (GCVE-0-2026-7643)
Vulnerability from cvelistv5 – Published: 2026-05-02 14:45 – Updated: 2026-05-02 14:45
VLAI?
Title
ChatGPTNextWeb NextChat API Endpoint Next.js cross-domain policy
Summary
A flaw has been found in ChatGPTNextWeb NextChat up to 2.16.1. This impacts an unknown function of the file Next.js of the component API Endpoint. Executing a manipulation can lead to permissive cross-domain policy with untrusted domains. The attack may be launched remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Severity ?
CWE
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ChatGPTNextWeb | NextChat |
Affected:
2.16.0
Affected: 2.16.1 |
Credits
{
"containers": {
"cna": {
"affected": [
{
"modules": [
"API Endpoint"
],
"product": "NextChat",
"vendor": "ChatGPTNextWeb",
"versions": [
{
"status": "affected",
"version": "2.16.0"
},
{
"status": "affected",
"version": "2.16.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Yu_Bao (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in ChatGPTNextWeb NextChat up to 2.16.1. This impacts an unknown function of the file Next.js of the component API Endpoint. Executing a manipulation can lead to permissive cross-domain policy with untrusted domains. The attack may be launched remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-942",
"description": "Permissive Cross-domain Policy with Untrusted Domains",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-02T14:45:12.877Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-360755 | ChatGPTNextWeb NextChat API Endpoint Next.js cross-domain policy",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/360755"
},
{
"name": "VDB-360755 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/360755/cti"
},
{
"name": "Submit #806833 | ChatGPTNextWeb NextChat 2.16.1 Permissive CORS Wildcard Policy",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/806833"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/ChatGPTNextWeb/NextChat/issues/6756"
},
{
"tags": [
"product"
],
"url": "https://github.com/ChatGPTNextWeb/NextChat/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-01T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-01T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-01T18:39:08.000Z",
"value": "VulDB entry last update"
}
],
"title": "ChatGPTNextWeb NextChat API Endpoint Next.js cross-domain policy"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7643",
"datePublished": "2026-05-02T14:45:12.877Z",
"dateReserved": "2026-05-01T16:33:59.113Z",
"dateUpdated": "2026-05-02T14:45:12.877Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7178 (GCVE-0-2026-7178)
Vulnerability from cvelistv5 – Published: 2026-04-27 22:00 – Updated: 2026-04-28 14:01
VLAI?
Title
ChatGPTNextWeb NextChat Artifacts Endpoint route.ts storeUrl server-side request forgery
Summary
A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component Artifacts Endpoint. This manipulation of the argument ID causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
Severity ?
CWE
- CWE-918 - Server-Side Request Forgery
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ChatGPTNextWeb | NextChat |
Affected:
2.16.0
Affected: 2.16.1 |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7178",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T14:01:30.983014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:01:44.043Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Artifacts Endpoint"
],
"product": "NextChat",
"vendor": "ChatGPTNextWeb",
"versions": [
{
"status": "affected",
"version": "2.16.0"
},
{
"status": "affected",
"version": "2.16.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Eric-b (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component Artifacts Endpoint. This manipulation of the argument ID causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T22:00:20.342Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-359780 | ChatGPTNextWeb NextChat Artifacts Endpoint route.ts storeUrl server-side request forgery",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/359780"
},
{
"name": "VDB-359780 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/359780/cti"
},
{
"name": "Submit #797646 | nextchat \u003c= 2.16.1 Server-Side Request Forgery (CWE-918) / Path Traversal (CWE-22)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/797646"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/ChatGPTNextWeb/NextChat/issues/6741"
},
{
"tags": [
"exploit"
],
"url": "https://gist.github.com/YLChen-007/43252d45d75e8bdd2d45136fd6ffe8a5"
},
{
"tags": [
"product"
],
"url": "https://github.com/ChatGPTNextWeb/NextChat/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-27T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-04-27T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-04-27T10:21:14.000Z",
"value": "VulDB entry last update"
}
],
"title": "ChatGPTNextWeb NextChat Artifacts Endpoint route.ts storeUrl server-side request forgery"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7178",
"datePublished": "2026-04-27T22:00:20.342Z",
"dateReserved": "2026-04-27T08:16:05.917Z",
"dateUpdated": "2026-04-28T14:01:44.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7177 (GCVE-0-2026-7177)
Vulnerability from cvelistv5 – Published: 2026-04-27 21:45 – Updated: 2026-04-28 14:47
VLAI?
Title
ChatGPTNextWeb NextChat route.ts proxyHandler server-side request forgery
Summary
A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function proxyHandler of the file app/api/[provider]/[...path]/route.ts. The manipulation results in server-side request forgery. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
Severity ?
CWE
- CWE-918 - Server-Side Request Forgery
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ChatGPTNextWeb | NextChat |
Affected:
2.16.0
Affected: 2.16.1 |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7177",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T14:47:49.679157Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:47:57.952Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "NextChat",
"vendor": "ChatGPTNextWeb",
"versions": [
{
"status": "affected",
"version": "2.16.0"
},
{
"status": "affected",
"version": "2.16.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Eric-b (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function proxyHandler of the file app/api/[provider]/[...path]/route.ts. The manipulation results in server-side request forgery. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T21:45:15.349Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-359779 | ChatGPTNextWeb NextChat route.ts proxyHandler server-side request forgery",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/359779"
},
{
"name": "VDB-359779 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/359779/cti"
},
{
"name": "Submit #797645 | nextchat \u003c= 2.16.1 Server-Side Request Forgery / SSRF (CWE-918)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/797645"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/ChatGPTNextWeb/NextChat/issues/6742"
},
{
"tags": [
"exploit"
],
"url": "https://gist.github.com/YLChen-007/da6b00024f5b7e1d4fa0658c19b77fbf"
},
{
"tags": [
"product"
],
"url": "https://github.com/ChatGPTNextWeb/NextChat/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-27T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-04-27T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-04-27T10:21:11.000Z",
"value": "VulDB entry last update"
}
],
"title": "ChatGPTNextWeb NextChat route.ts proxyHandler server-side request forgery"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7177",
"datePublished": "2026-04-27T21:45:15.349Z",
"dateReserved": "2026-04-27T08:15:58.463Z",
"dateUpdated": "2026-04-28T14:47:57.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-38514 (GCVE-0-2024-38514)
Vulnerability from cvelistv5 – Published: 2024-06-28 18:11 – Updated: 2024-08-02 04:12
VLAI?
Title
NextChat Server-Side Request Forgery (SSRF)
Summary
NextChat is a cross-platform ChatGPT/Gemini UI. There is a Server-Side Request Forgery (SSRF) vulnerability due to a lack of validation of the `endpoint` GET parameter on the WebDav API endpoint. This SSRF can be used to perform arbitrary HTTPS request from the vulnerable instance (MKCOL, PUT and GET methods supported), or to target NextChat users and make them execute arbitrary JavaScript code in their browser. This vulnerability has been patched in version 2.12.4.
Severity ?
7.4 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ChatGPTNextWeb | ChatGPT-Next-Web |
Affected:
< 2.12.4
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:chatgptnextweb:nextchat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nextchat",
"vendor": "chatgptnextweb",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38514",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T19:14:57.406762Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-25T16:27:45.412Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.158Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/security/advisories/GHSA-gph5-rx77-3pjg",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/security/advisories/GHSA-gph5-rx77-3pjg"
},
{
"name": "https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/commit/dad122199a85c2f12277593973e1784b212adf5e",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/commit/dad122199a85c2f12277593973e1784b212adf5e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChatGPT-Next-Web",
"vendor": "ChatGPTNextWeb",
"versions": [
{
"status": "affected",
"version": "\u003c 2.12.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NextChat is a cross-platform ChatGPT/Gemini UI. There is a Server-Side Request Forgery (SSRF) vulnerability due to a lack of validation of the `endpoint` GET parameter on the WebDav API endpoint. This SSRF can be used to perform arbitrary HTTPS request from the vulnerable instance (MKCOL, PUT and GET methods supported), or to target NextChat users and make them execute arbitrary JavaScript code in their browser. This vulnerability has been patched in version 2.12.4.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T18:11:02.964Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/security/advisories/GHSA-gph5-rx77-3pjg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/security/advisories/GHSA-gph5-rx77-3pjg"
},
{
"name": "https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/commit/dad122199a85c2f12277593973e1784b212adf5e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/commit/dad122199a85c2f12277593973e1784b212adf5e"
}
],
"source": {
"advisory": "GHSA-gph5-rx77-3pjg",
"discovery": "UNKNOWN"
},
"title": "NextChat Server-Side Request Forgery (SSRF)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-38514",
"datePublished": "2024-06-28T18:11:02.964Z",
"dateReserved": "2024-06-18T16:37:02.727Z",
"dateUpdated": "2024-08-02T04:12:25.158Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-49785 (GCVE-0-2023-49785)
Vulnerability from cvelistv5 – Published: 2024-03-11 23:26 – Updated: 2024-08-19 07:48
VLAI?
Title
NextChat vulnerable to Server-Side Request Forgery and Cross-site Scripting
Summary
NextChat, also known as ChatGPT-Next-Web, is a cross-platform chat user interface for use with ChatGPT. Versions 2.11.2 and prior are vulnerable to server-side request forgery and cross-site scripting. This vulnerability enables read access to internal HTTP endpoints but also write access using HTTP POST, PUT, and other methods. Attackers can also use this vulnerability to mask their source IP by forwarding malicious traffic intended for other Internet targets through these open proxies. As of time of publication, no patch is available, but other mitigation strategies are available. Users may avoid exposing the application to the public internet or, if exposing the application to the internet, ensure it is an isolated network with no access to any other internal resources.
Severity ?
9.1 (Critical)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ChatGPTNextWeb | NextChat |
Affected:
0 , ≤ 2.11.2
(2.11.2)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-19T07:48:00.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"technical-description"
],
"url": "https://www.vicarius.io/vsociety/posts/hacking-ai-chatbots-for-fun-and-learning-analyzing-an-unauthenticated-ssrf-and-reflected-xss-in-chatgpt-next-web-cve-2023-49785"
},
{
"tags": [
"patch"
],
"url": "https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/pull/4285"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/issues/4283"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.horizon3.ai/attack-research/attack-blogs/nextchat-an-ai-chatbot-that-lets-you-talk-to-anyone-you-want-to/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web"
},
{
"url": "https://www.vicarius.io/vsociety/posts/hacking-ai-chatbots-for-fun-and-learning-analyzing-an-unauthenticated-ssrf-and-reflected-xss-in-chatgpt-next-web-cve-2023-49785"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:chatgptnextweb:nextchat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nextchat",
"vendor": "chatgptnextweb",
"versions": [
{
"lessThanOrEqual": "2.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49785",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-25T16:22:49.432580Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T13:36:28.269Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NextChat",
"vendor": "ChatGPTNextWeb",
"versions": [
{
"lessThanOrEqual": "2.11.2",
"status": "affected",
"version": "0",
"versionType": "2.11.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NextChat, also known as ChatGPT-Next-Web, is a cross-platform chat user interface for use with ChatGPT. Versions 2.11.2 and prior are vulnerable to server-side request forgery and cross-site scripting. This vulnerability \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eenables read access to internal HTTP endpoints but also write access using HTTP POST, PUT, and other methods. Attackers can also use this vulnerability to mask their source IP by forwarding malicious traffic intended for other Internet targets through these open proxies.\u0026nbsp;\u003c/span\u003eAs of time of publication, no patch is available, but other mitigation strategies are available. Users may avoid exposing the application to the public internet or, if exposing the application to the internet,\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eensure it is an isolated network with no access to any other internal resources.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "NextChat, also known as ChatGPT-Next-Web, is a cross-platform chat user interface for use with ChatGPT. Versions 2.11.2 and prior are vulnerable to server-side request forgery and cross-site scripting. This vulnerability enables read access to internal HTTP endpoints but also write access using HTTP POST, PUT, and other methods. Attackers can also use this vulnerability to mask their source IP by forwarding malicious traffic intended for other Internet targets through these open proxies. As of time of publication, no patch is available, but other mitigation strategies are available. Users may avoid exposing the application to the public internet or, if exposing the application to the internet, ensure it is an isolated network with no access to any other internal resources.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-11T23:26:10.773Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://www.horizon3.ai/attack-research/attack-blogs/nextchat-an-ai-chatbot-that-lets-you-talk-to-anyone-you-want-to/"
},
{
"url": "https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NextChat vulnerable to Server-Side Request Forgery and Cross-site Scripting",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-49785",
"datePublished": "2024-03-11T23:26:10.773Z",
"dateReserved": "2023-11-30T13:39:50.862Z",
"dateUpdated": "2024-08-19T07:48:00.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}