An open redirect vulnerability exists in imartinez/privategpt version 0.5.0 due to improper handling of the 'file' parameter. This vulnerability allows attackers to redirect users to a URL specified by user-controlled input without proper validation or sanitization. The impact of this vulnerability includes potential phishing attacks, malware distribution, and credential theft.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/5xxx/CVE-2024-5936.json",
"cna_assigner": "@huntr_ai",
"cwe_ids": [
"CWE-601"
]
}