CVE-2024-10908 Information

Description

An open redirect vulnerability in lm-sys/fastchat Release v0.2.36 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This can be exploited for phishing attacks malware distribution and credential theft.

Reference

https://huntr.com/bounties/61f5e725-5579-4d08-8a88-e4ba04e6d1f2