AIBOX LLM Chat Reflected Cross-Site Scripting Vulnerability Allowing Account Hijacking
Vulnerability
A reflected cross-site scripting vulnerability has been identified in AIBOX LLM chat, accessible at chat.aibox365.cn, and affecting versions prior to May 27, 2025. This vulnerability allows attackers to hijack user accounts by stealing JSON Web Tokens (JWT) through maliciously crafted messages that exploit fragile backend XSS filters.
Impact
Exploitation of this vulnerability allows for the theft of JWTs, leading to unauthorized access to user accounts on the AIBOX platform.
Reproduction
To reproduce this vulnerability, paste a script payload into the chat component of AIBOX LLM chat. The injected script can be designed to steal JWTs from the user's browser storage. The XSS payload is executed in the context of the user's session, allowing for token theft and account hijacking.
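The following added example (not AIBOX code and not from the original advisory) contrasts a denylist-style filter with output encoding when a chat message is rendered. The advisory does not describe the actual filter, so `denylistFilter` is a hypothetical stand-in, and the sample messages are constructed with a harmless `marker()` placeholder.

```javascript
// Added illustration; not AIBOX code. denylistFilter is a hypothetical
// stand-in for a "fragile" filter, whose real logic the advisory does not give.

// Fragile approach: strip <script> elements and assume nothing else can run.
function denylistFilter(message) {
  return message.replace(/<script\b[^>]*>[\s\S]*?<\/script>/gi, "");
}

// Robust approach: encode every character that is significant in HTML text
// and attribute contexts, so the message can only be rendered as text.
const HTML_ENTITIES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};
function encodeForHtml(message) {
  return String(message).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// True if the string still contains something a browser would parse as a tag.
function containsMarkup(html) {
  return /<[a-z!\/]/i.test(html);
}

// Constructed chat messages (harmless markers only).
const SAMPLES = [
  "hello <b>world</b>",               // ordinary markup typed by a user
  "<script>marker()</script>",        // the one case the denylist handles
  '<img src="x" onerror="marker()">', // executable markup without <script>
];

// Run both treatments over each sample and report what survives.
function compare(samples) {
  return samples.map((input) => ({
    input,
    denylistLeavesMarkup: containsMarkup(denylistFilter(input)),
    encodedLeavesMarkup: containsMarkup(encodeForHtml(input)),
  }));
}

// Print the comparison when run directly with Node.js.
if (typeof require !== "undefined" && require.main === module) {
  console.table(compare(SAMPLES));
}
```

Encoding at render time removes the injection point; keeping the JWT out of script-readable browser storage (for example in an `HttpOnly` cookie) limits what any remaining script injection can read.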
