CVE-2024-48140

Published Oct 24, 2024

Last updated 23 days ago

Overview

Description: A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI Copilot powered by ChatGPT4 v6.3.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message.
Source: cve@mitre.org
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: HIGH

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-77

Hype score: Not currently trending

CVE-2024-48140 A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI Copilot powered by ChatGPT4 v6.3.0 allows attackers to access and exfiltrat… https://t.co/7uhLir8PKJ
@CVEnew
24 Oct 2024
270 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References