CVE-2024-6035
Stored XSS in gaizhenbiao/chuanhuchatgpt
A Stored Cross-Site Scripting (XSS) vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410. This vulnerability allows an attacker to inject malicious JavaScript code into the chat history file. When a victim uploads this file, the malicious script is executed in the victim's browser. This can lead to user data theft, session hijacking, malware distribution, and phishing attacks.
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Produtos afetados
gaizhenbiao · gaizhenbiao/chuanhuchatgptQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →