gaizhenbiao/chuanhuchatgpt
cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:*:*:*:*:*:*:*
- latest
A stored cross-site scripting vulnerability has been identified in the latest version of Gaizhenbiao Chuanhuchatgpt. This vulnerability allows an attacker to upload a malicious HTML file containing JavaScript, which is executed when the file is accessed. As a result, arbitrary JavaScript can be executed in the context of the user's browser.
Exploitation of this vulnerability allows for the execution of JavaScript code in the user's browser, potentially leading to unauthorized actions or data exposure.
To reproduce this vulnerability, upload a malicious HTML file containing JavaScript code through the application's file upload feature. Once the file is uploaded, access it via the application's file retrieval URL. The JavaScript payload will execute in the context of the user's browser.
Users are advised to validate file extensions before allowing uploads to prevent the introduction of malicious content.
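One way to implement the extension check recommended above, as an added example that is not ChuanhuChatGPT's own code. The `ALLOWED_EXTENSIONS` allowlist, the `ACTIVE_CONTENT` set and the `check_upload_name` function are assumptions for illustration, since the page does not list the file types the application accepts.

```python
import unicodedata
from typing import Tuple

# Assumed allowlist; the page does not say which file types the application needs.
ALLOWED_EXTENSIONS = {".txt", ".md", ".pdf", ".csv", ".json", ".docx"}
# Extensions a browser can render as a document that runs script when served inline.
ACTIVE_CONTENT = {".html", ".htm", ".xhtml", ".shtml", ".svg", ".xml"}


def check_upload_name(filename: str) -> Tuple[bool, str]:
    """Return (accepted, reason) for a client-supplied upload filename."""
    if "\x00" in filename:
        return False, "NUL byte in filename"
    # Fold look-alike characters (e.g. fullwidth letters) to ASCII before comparing.
    name = unicodedata.normalize("NFKC", filename)
    # Keep only the final path component; the client controls the whole string.
    name = name.replace("\\", "/").rsplit("/", 1)[-1]
    # Some filesystems drop trailing dots and spaces, so "page.html."
    # would be stored as "page.html".
    name = name.rstrip(". ").lower()
    if not name or name.startswith("."):
        return False, "empty or hidden filename"
    parts = name.split(".")
    if len(parts) < 2:
        return False, "no extension"
    extensions = ["." + p for p in parts[1:]]
    # Reject active content anywhere in the chain, e.g. "a.html.txt".
    for ext in extensions:
        if ext in ACTIVE_CONTENT:
            return False, f"active content extension {ext}"
    if extensions[-1] not in ALLOWED_EXTENSIONS:
        return False, f"extension {extensions[-1]} not in allowlist"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample filenames, not taken from the advisory.
    for sample in ["notes.txt", "report.HTML", "page.html.", "a.html.txt", "x.svg"]:
        print(sample, check_upload_name(sample))
```

Run the check on the server before the file is written to storage; a check performed only in the browser can be bypassed.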