cve/CVE-2024-48396.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

902 B

Raw Permalink Blame History

CVE-2024-48396

Description

AIML Chatbot 1.0 (fixed in 2.0) is vulnerable to Cross Site Scripting (XSS). The vulnerability is exploited through the message input field, where attackers can inject malicious HTML or JavaScript code. The chatbot fails to sanitize these inputs, leading to the execution of malicious scripts.

POC

Reference

https://jacobmasse.medium.com/reflected-xss-in-popular-ai-chatbot-application-79de74ea0cc8

Github

No PoCs found on GitHub currently.

902 B Raw Permalink Blame History

CVE-2024-48396

Description

POC

Reference

Github

902 B

Raw Permalink Blame History