CNNVD-202511-054 Information
CNNVD ID
CNNVD-202511-054
Related CVE
- CNNVD Published: 2025-11-03
Description (Chinese)
NextChat是NextChat开源的一个用于快速部署私人 ChatGPT 网页应用的项目。 NextChat 2.16.0及之前版本存在安全漏洞,该漏洞源于WebDAV代理未能规范化或拒绝其通配路由中的点路径段,可能导致敏感信息泄露。
Description (English)
NextChat is a project for the rapid deployment of a private ChatGPT web-based application for NextChat. NextChat 2.16.0 and previous versions contain a security loophole, which stems from the failure of the WebDAV agent to regularize or reject the point section of its routing route, which could lead to the disclosure of sensitive information.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
NextChat
Published
2025-11-03
Last Modified
2026-02-24
References
https://github.com/ChatGPTNextWeb/NextChat/blob/main/app/api/webdav/%5B…path%5D/route.ts https://github.com/ChatGPTNextWeb/NextChat/blob/main/app/utils/cloud/webdav.ts https://github.com/fai1424/Vulnerability-Research/tree/main/CVE-2025-50735 https://access.redhat.com/security/cve/cve-2025-50735
Patch
https://github.com/ChatGPTNextWeb/NextChat/releases
Share on: