PT-2025-49683

Name of the Vulnerable Software and Affected Versions DeepChat versions 0.5.1 and below Description DeepChat, an open-source AI chat platform supporting cloud models and LLMs, is susceptible to Cross-Site Scripting XSS attacks due to inadequate sanitization of Mermaid content. The initial securit...

Mermaid 跨站脚本漏洞

Mermaid is a mermaid-js open source application. Create charts and visualizations using text and code. A cross-site scripting vulnerability exists in Mermaid versions 10.9.0-rc.1 through 11.9.0, which stems from user-entered sequence diagram tags passed to innerHTML, potentially leading to...