Submit #601161: chatchat-space Langchain-Chatchat < v0.3.1 Path Traversal: '.../...//'info

Titlechatchat-space Langchain-Chatchat < v0.3.1 Path Traversal: '.../...//'
DescriptionThere is a path traversal vulnerability in the /v1/file processing GET request of the Langchain-Chatchat backend. An attacker can send malicious requests to the endpoint through the network to achieve path traversal file reading.
Source⚠️ https://github.com/chatchat-space/Langchain-Chatchat/issues/5353
User
 Anonymous User
Submission06/20/2025 09:19 (10 months ago)
Moderation06/28/2025 12:38 (8 days later)
StatusAccepted
VulDB entry314326 [chatchat-space Langchain-Chatchat up to 0.3.1 files?purpose=assistants path traversal]
Points16

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!