CVE-2024-48059
gaizhenbiao/chuanhuchatgpt project, version <=20240802 is vulnerable to stored Cross-Site Scripting (XSS) in WebSocket s
gaizhenbiao/chuanhuchatgpt project, version <=20240802 is vulnerable to stored Cross-Site Scripting (XSS) in WebSocket session transmission. An attacker can inject malicious content into a WebSocket message. When a victim accesses this session, the malicious JavaScript is executed in the victim's browser.
MEDIUM · CVSS 6.1
EPSS 0.00181
Schedule remediation
- Public exploit or PoC is available
Sigma rules0
YARA rules0