springboot-openai-chatgpt Business Logic Vulnerability in Data Addition API
Vulnerability
A critical business logic vulnerability has been identified in the springboot-openai-chatgpt application, specifically in version e84f6f5. The issue arises in the API endpoint '/api/mjkj-chat/cgform-api/addData/', where the 'chatUserID' parameter can be manipulated. This vulnerability allows normal users to bypass permission checks and add data on behalf of other users, potentially leading to unauthorized actions or data manipulation.
Impact
Exploitation of this vulnerability allows for unauthorized data addition on behalf of other users, bypassing normal permission checks. This could be used to manipulate application data or user accounts.
Reproduction
To reproduce this vulnerability, a normal user must log into the application and retrieve the 'chatUserID' from their chat history. Once obtained, the user can send a POST request to the 'addData' API endpoint, using the 'chatUserID' parameter. The request can include any data the user wishes to add, effectively allowing them to manipulate data on behalf of the target user.
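The fix for this class of bug is to take the owner of a new record from the authenticated session instead of from the request. The following is an added example, not code from the springboot-openai-chatgpt project: it uses plain Java with no framework, and the class, the method names, the Session record and the sample values are all hypothetical. Only the 'chatUserID' field name comes from the advisory.

```java
import java.util.HashMap;
import java.util.Map;

// Added illustration. All names here are hypothetical, not the project's code.
public class OwnerBindingExample {
    // Stands in for the identity the server derived from the login token.
    record Session(String userId) {}

    // Weak pattern: the row's owner is whatever chatUserID the client sent.
    static Map<String, Object> addDataUnchecked(Session session, Map<String, Object> body) {
        return new HashMap<>(body);
    }

    // Hardened pattern: reject a mismatching chatUserID, then set the owner
    // from the session so the stored value never comes from the request.
    static Map<String, Object> addDataChecked(Session session, Map<String, Object> body) {
        Object claimed = body.get("chatUserID");
        if (claimed != null && !session.userId().equals(claimed.toString())) {
            // Log this server-side: a mismatch is a useful detection signal.
            throw new SecurityException("chatUserID does not match authenticated user");
        }
        Map<String, Object> row = new HashMap<>(body);
        row.put("chatUserID", session.userId());
        return row;
    }

    public static void main(String[] args) {
        Session caller = new Session("user-a"); // constructed sample identity
        Map<String, Object> forged = Map.of("chatUserID", "user-b", "content", "hello");
        Map<String, Object> honest = Map.of("content", "hello");

        // Unchecked handler accepts the foreign owner as sent.
        System.out.println("unchecked owner: " + addDataUnchecked(caller, forged).get("chatUserID"));

        // Checked handler refuses the same request.
        try {
            addDataChecked(caller, forged);
            System.out.println("checked: accepted (unexpected)");
        } catch (SecurityException e) {
            System.out.println("checked: rejected, " + e.getMessage());
        }

        // With no chatUserID supplied, the owner is filled in from the session.
        System.out.println("checked owner: " + addDataChecked(caller, honest).get("chatUserID"));
    }
}
```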
