Vulnerability CVE-2024-6090


Published: 2024-06-27

Description:
A path traversal vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410, allowing any user to delete other users' chat histories. This vulnerability can also be exploited to delete any files ending in `.json` on the target system, leading to a denial of service as users are unable to authenticate.

Type:

CWE-400

(Uncontrolled Resource Consumption ('Resource Exhaustion'))

 References:
https://huntr.com/bounties/bd0f8f89-5c8a-4662-89aa-a6861d84cf4c

Copyright 2026, cxsecurity.com

 

Back to Top