Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-27564 PoC — ChatGPT 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-27564.yaml
Associated Vulnerability
Title:ChatGPT 安全漏洞 (CVE-2024-27564)
Description:ChatGPT是一个基于OpenAI ChatGPT项目API的可视化界面站点。 ChatGPT commit f9f4bbc版本存在安全漏洞,该漏洞源于存在服务器请求伪造(SSRF)漏洞。攻击者可利用该漏洞通过向urlparameter注入特制的URL来迫使应用程序执行任意请求。
Description
A Server-Side Request Forgery (SSRF) in pictureproxy.php of ChatGPT commit f9f4bbc allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the urlparameter.
File Snapshot

 id: CVE-2024-27564

info:
  name: ChatGPT个人专用版 - Server Side Request Forgery
  author: DhiyaneshDK
 

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.