An open redirect vulnerability in lm-sys/fastchat Release v0.2.36 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This can be exploited for phishing attacks, malware distribution, and credential theft.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| fschat(PyPI) | 0 | N/A | N/A |
CVSS Metrics
