Unauthorized Deletion of User Chats and Critical Files
A vulnerability in ChuanhuChatGPT version 20240410 allows any user to delete other users' chat histories and critical files, leading to a denial of service. This issue has not yet been patched.
Available publicly on Jun 21 2024
Remediation Steps
- Implement input validation to prevent path traversal.
- Restrict file operations to authorized users only.
- Regularly back up critical files to prevent data loss.
- Monitor and log file access to detect unauthorized activities.
Patch Details
- Fixed Version: N/A
- Patch Commit: N/A
Want more out of Sightline?
Sightline offers even more for premium customers
Go Premium
We have - related security advisories that are available with Sightline Premium.