Submit #806833: ChatGPTNextWeb NextChat 2.16.1 Permissive CORS Wildcard Policyinfo

TitelChatGPTNextWeb NextChat 2.16.1 Permissive CORS Wildcard Policy
BeschreibungNextChat configures its Next.js application to attach maximally permissive CORS response headers to every API endpoint under the /api/* path prefix. The configuration in next.config.mjs (lines 38-63) sets.This configuration allows any website on the internet to make cross-origin requests to all NextChat API endpoints. Because Access-Control-Allow-Headers: * permits custom headers, attacker-controlled JavaScript can set the x-base-url header, which the proxy endpoint (/api/[provider]/[...path]/route.ts) uses to determine the server-side fetch destination. This directly enables cross-origin SSRF attacks.
Quelle⚠️ https://github.com/ChatGPTNextWeb/NextChat/issues/6756
Benutzer
 Yu_Bao (UID 89348)
Einreichung17.04.2026 07:19 (vor 2 Monaten)
Moderieren01.05.2026 18:34 (14 days later)
StatusAkzeptiert
VulDB Eintrag360755 [ChatGPTNextWeb NextChat bis 2.16.1 API Endpoint Next.js erweiterte Rechte]
Punkte20

ZurückÜbersichtWeiter

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!