Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Privilege Escalation in CBOT's Chatbot
Vulnerability Description
Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
CWE-1270
Vulnerability Title
CBOT Chatbot 安全漏洞
Vulnerability Description
CBOT Chatbot是CBOT公司的一个人工智能驱动的实时聊天解决方案。 CBOT Chatbot Core v4.0.3.4 之前版本、 Panel v4.0.3.7之前版本存在安全漏洞,该漏洞源于生成不正确的安全令牌,允许令牌模拟、特权滥用。
CVSS Information
N/A
Vulnerability Type
N/A