Gaizhenbiao Chuanhuchatgpt Stored Cross-Site Scripting Vulnerability

Vulnerability

A stored cross-site scripting vulnerability has been identified in the gaizhenbiao/chuanhuchatgpt repository, specifically in version git 20b2e02. This vulnerability stems from inadequate sanitization of HTML tags in chat history uploads. The sanitization process fails to properly manage HTML tags within code blocks, enabling attackers to inject malicious scripts. Consequently, this flaw could allow the execution of arbitrary JavaScript in the user's browser, with potential risks including identity theft or other malicious activities.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user's browser.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

3.0

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

3.0

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Gaizhenbiao Chuanhuchatgpt Stored Cross-Site Scripting Vulnerability

Vulnerability

Impact

Affected Products

gaizhenbiao/chuanhuchatgpt

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating