CVE-2025-2321

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Mar 15, 2025
CWE ID 89

Summary

CVE-2025-2321 is a recently disclosed critical vulnerability affecting the springboot-openai-chatgpt package, specifically the e84f6f5 version. The issue lies in the /api/mjkj-chat/cgform-api/addData/ functionality, where manipulation of the chatUserID argument can lead to business logic errors. The vulnerability can be exploited remotely, making it a significant security concern. The vendor was contacted about the disclosure but has not responded or published an updated release. Because the product uses continuous delivery with rolling releases, no version details for affected or patched releases are available.
