exploitDog

GHSA-7v74-6r8h-93fc

Опубликовано: 22 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

A reflected cross-site scripting (XSS) vulnerability exists in AIBOX LLM chat (chat.aibox365.cn) through 2025-05-27, allowing attackers to hijack accounts through stolen JWT tokens.

A reflected cross-site scripting (XSS) vulnerability exists in AIBOX LLM chat (chat.aibox365.cn) through 2025-05-27, allowing attackers to hijack accounts through stolen JWT tokens.

Ссылки

EPSS

Процентиль: 7%

0.00027

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-51864

CVSS3: 6.5

nvd

7 месяцев назад

A reflected cross-site scripting (XSS) vulnerability exists in AIBOX LLM chat (chat.aibox365.cn) through 2025-05-27, allowing attackers to hijack accounts through stolen JWT tokens.

EPSS

Процентиль: 7%

0.00027

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-79