216.73.217.64

CVE-2024-48144

· Published 24/10/2024 19:15 · Modified 28/10/2024 20:35

Labels: CVE-2024-48144 2024-10-24CVE-2024-48144CWE-77[email protected]

Essential information

Published
24/10/2024 19:15
Modified
28/10/2024 20:35
Author
Creator
CVSS
9.1 CRITICAL (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CVSS metrics

Description

A prompt injection vulnerability in the chatbox of Fusion Chat Chat AI Assistant Ask Me Anything v1.2.4.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References