gaizhenbiao/chuanhuchatgpt
cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:*:*:*:*:*:*:*
- 20240802
A vulnerability in Gaizhenbiao Chuanhuchatgpt version 20240802 enables attackers to access, copy, and delete other users' chat histories. This issue stems from inadequate session data management and a lack of access control, allowing attackers to view and alter the chat records of others. Exploitation involves sending specific POST requests that can delete a victim's chat history while simultaneously copying it to the attacker's folder.
Exploitation of this vulnerability leads to unauthorized access and manipulation of users' chat histories, causing privacy violations and potential exposure of sensitive information. This could damage the application's reputation and user trust, raise regulatory compliance issues, and create opportunities for further exploitation of user data.
To reproduce this vulnerability, send a POST request to the '/queue/join' endpoint with a 'data' payload that includes the target user's chat history file. After this request is processed, send a second POST request to the same endpoint, this time including a command to delete the chat history. This action will remove the chat history from the victim's folder and transfer it to the attacker's folder.
Users are advised to update to version 20240918, where this vulnerability has been fixed.
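The missing access control described above can be illustrated with a server-side ownership check. This is an added example, not the project's code or its actual fix in 20240918; it assumes histories are stored in per-user folders and that a request names the file to act on, and `resolve_history_path`, `delete_history` and the user names are hypothetical.

```python
import os
import tempfile

class HistoryAccessError(PermissionError):
    """Raised when a requested history file is outside the caller's folder."""

def resolve_history_path(history_root, session_user, requested_name):
    """Map a client-supplied history name to a path inside the
    authenticated user's own folder, or raise HistoryAccessError."""
    # Assumption: session_user comes from the server-side session,
    # never from a field in the request payload.
    user_dir = os.path.realpath(os.path.join(history_root, session_user))
    candidate = os.path.realpath(os.path.join(user_dir, requested_name))
    # realpath resolves "..", absolute paths and symlinks before comparing.
    inside = os.path.commonpath([user_dir, candidate]) == user_dir
    if not inside or candidate == user_dir:
        raise HistoryAccessError(f"{requested_name!r} not owned by {session_user!r}")
    return candidate

def delete_history(history_root, session_user, requested_name):
    """Delete a history file only after the ownership check passes."""
    path = resolve_history_path(history_root, session_user, requested_name)
    if os.path.isfile(path):
        os.remove(path)
        return True
    return False

def demo():
    """Constructed sample: one user names a file in another user's folder."""
    with tempfile.TemporaryDirectory() as root:
        for user in ("alice", "mallory"):
            os.makedirs(os.path.join(root, user))
        victim_file = os.path.join(root, "alice", "chat1.json")
        with open(victim_file, "w") as fh:
            fh.write("{}")
        outcomes = []
        for name in ("../alice/chat1.json", victim_file):
            try:
                delete_history(root, "mallory", name)
                outcomes.append("allowed")
            except HistoryAccessError:
                outcomes.append("denied")
        intact = os.path.isfile(victim_file)
        owner_ok = delete_history(root, "alice", "chat1.json")
        return outcomes, intact, owner_ok

if __name__ == "__main__":
    print(demo())
```

The same check belongs in front of every operation that reads, copies or deletes a history file, so that no handler trusts a client-supplied path on its own.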