28Haz
CVE-2024-38514 | ChatGPTNextWeb ChatGPT-Next-Web up to 2.12.3 WebDav API Endpoint endpoint server-side request forgery (GHSA-gph5-rx77-3pjg)
A vulnerability was found in ChatGPTNextWeb ChatGPT-Next-Web up to 2.12.3. It has been classified as critical. This affects an unknown part of the component WebDav API Endpoint. The manipulation of the argument endpoint leads to server-side request forgery. This vulnerability is uniquely identified as CVE-2024-38514. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.