PT-2025-12239 · Unknown · Gaizhenbiao/Chuanhuchatgpt
Published: 2025-03-20 · Updated: 2025-03-20 · CVE-2024-8613
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
gaizhenbiao/chuanhuchatgpt version 20240802
Description
The issue arises from improper handling of session data and a lack of access control mechanisms, which enables attackers to view and manipulate the chat histories of other users: they can access, copy, and delete those histories.
Recommendations
For gaizhenbiao/chuanhuchatgpt version 20240802, consider implementing proper session data handling and access control mechanisms to prevent unauthorized access to chat histories. As a temporary workaround, restrict access to sensitive chat history data until a patch is available.
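One way to apply the recommendation above, as an added example that is not ChuanhuChatGPT's code and does not reproduce how its flaw works: a history store that takes the caller's identity from a server-side session map and confines every read, write and delete to that user's own directory. `HistoryStore`, `HistoryAccessError`, the token-to-user `sessions` map and the file names are hypothetical.

```python
import os
import tempfile

class HistoryAccessError(PermissionError): pass

class HistoryStore:
    def __init__(self, root, sessions):
        self.root = os.path.realpath(root)
        self.sessions = sessions  # token -> user name, filled in at login (assumed)

    def _path(self, token, name):
        # Identity comes from the server-side session, never from the request.
        if token not in self.sessions:
            raise HistoryAccessError("unknown session")
        user_dir = os.path.join(self.root, self.sessions[token])
        path = os.path.realpath(os.path.join(user_dir, name))
        # Refuse any name that resolves outside the caller's own directory.
        if os.path.commonpath([path, user_dir]) != user_dir or path == user_dir:
            raise HistoryAccessError("not the caller's history")
        return path

    def save(self, token, name, text):
        path = self._path(token, name)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(text)

    def load(self, token, name):
        with open(self._path(token, name), encoding="utf-8") as fh:
            return fh.read()

    def delete(self, token, name):
        os.remove(self._path(token, name))

def demo():
    # Constructed sample data: two sessions, one private history each.
    root = tempfile.mkdtemp()
    store = HistoryStore(root, {"tok-alice": "alice", "tok-bob": "bob"})
    store.save("tok-alice", "notes.json", "alice-private")
    store.save("tok-bob", "notes.json", "bob-private")
    out = {"own": store.load("tok-bob", "notes.json")}
    foreign = os.path.join(root, "alice", "notes.json")
    for label, op in (("read", store.load), ("delete", store.delete)):
        try:
            op("tok-bob", foreign)
            out[label] = "allowed"
        except HistoryAccessError:
            out[label] = "denied"
    out["alice_intact"] = store.load("tok-alice", "notes.json")
    return out
```

The check assumes user names are validated when the session is created, so the per-user directory itself cannot be steered by the client.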
Exploit
Fix
Improper Access Control
IDOR
Related Identifiers
Affected Products
Gaizhenbiao/Chuanhuchatgpt