CVE-2024-0083

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.3%
top 49.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nvidia Chatrtx
Timeline
PublishedApr 8
Latest updateApr 9

Description

NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where an attacker can cause a cross-site scripting error by network by running malicious scripts in users' browsers. A successful exploit of this vulnerability might lead to code execution, denial of service, and information disclosure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:LExploitability: 3.9 | Impact: 2.5

Affected Packages2 packages

NVDnvidia/chatrtx< 0.2.1
CVEListV5nvidia/chatrtx0.2 and prior versions

🔴Vulnerability Details

2
GHSA
GHSA-gjhv-xhv4-pm88: NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where an attacker can cause a cross-site scripting error by network by running maliciou2024-04-09
CVEList
CVE2024-04-08
CVE-2024-0083 (MEDIUM CVSS 6.5) | NVIDIA ChatRTX for Windows contains | cvebase.io