.. / CVE-2023-49785

Exploit for ChatGPT-Next-Web - SSRF/XSS (CVE-2023-49785)

Description:

Full-Read SSRF/XSS in NextChat, aka ChatGPT-Next-Web

Nuclei Template

View the template here CVE-2023-49785.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-49785.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-49785
https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web
https://www.horizon3.ai/attack-research/attack-blogs/nextchat-an-ai-chatbot-that-lets-you-talk-to-anyone-you-want-to/