A stored cross-site scripting (XSS) vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability allows an attacker to upload a malicious HTML file containing JavaScript code, which is then executed when the file is accessed. This can lead to the execution of arbitrary JavaScript in the context of the user's browser.
                
            Metrics
Affected Vendors & Products
References
        History
                    Tue, 01 Apr 2025 21:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Gaizhenbiao Gaizhenbiao chuanhuchatgpt | |
| CPEs | cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:*:*:*:*:*:*:*:* | |
| Vendors & Products | Gaizhenbiao Gaizhenbiao chuanhuchatgpt | |
| Metrics | cvssV3_1 
 | 
Thu, 20 Mar 2025 16:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Thu, 20 Mar 2025 10:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | A stored cross-site scripting (XSS) vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability allows an attacker to upload a malicious HTML file containing JavaScript code, which is then executed when the file is accessed. This can lead to the execution of arbitrary JavaScript in the context of the user's browser. | |
| Title | Stored XSS in gaizhenbiao/chuanhuchatgpt | |
| Weaknesses | CWE-79 | |
| References |  | |
| Metrics | cvssV3_0 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: @huntr_ai
Published: 2025-03-20T10:11:12.193Z
Updated: 2025-03-20T15:12:54.032Z
Reserved: 2024-09-03T19:01:06.679Z
Link: CVE-2024-8400
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-03-20T15:12:50.844Z
 NVD
                        NVD
                    Status : Analyzed
Published: 2025-03-20T10:15:42.110
Modified: 2025-04-01T20:32:15.687
Link: CVE-2024-8400
 Redhat
                        Redhat
                    No data.