{"id":"CVE-2024-5822","summary":"Server-Side Request Forgery (SSRF) in gaizhenbiao/ChuanhuChatGPT","details":"A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of gaizhenbiao/ChuanhuChatGPT versions \u003c= ChuanhuChatGPT-20240410-git.zip. This vulnerability allows attackers to send crafted requests from the vulnerable server to internal or external resources, potentially bypassing security controls and accessing sensitive data.","aliases":["PYSEC-2024-268"],"modified":"2026-07-08T08:11:52.461191897Z","published":"2024-06-27T18:44:48.521Z","database_specific":{"cna_assigner":"@huntr_ai","cwe_ids":["CWE-918"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/5xxx/CVE-2024-5822.json"},"references":[{"type":"WEB","url":"https://huntr.com/bounties/b24f1b5f-a529-435b-ac4d-5ca71d5d1fb5"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/5xxx/CVE-2024-5822.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-5822"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gaizhenbiao/chuanhuchatgpt","events":[{"introduced":"c7592900ac7a785169c3db12e60c2654446642ec"},{"last_affected":"c7592900ac7a785169c3db12e60c2654446642ec"}],"database_specific":{"extracted_events":[{"introduced":"20240410"},{"last_affected":"20240410"}],"source":"CPE_STRING","cpe":"cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240410:*:*:*:*:*:*:*"}}],"versions":["20240410"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-5822.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}]}