PT-2025-34377 · Nextchat · Nextchat

Name of the Vulnerable Software and Affected Versions: NextChat affected versions not specified Description: NextChat contains a cross-site scripting XSS issue in the HTMLPreview component of artifacts.tsx. This allows attackers to execute arbitrary JavaScript code when HTML content is rendered i...

CVE-2025-50733

NextChat contains a cross-site scripting XSS vulnerability in the HTMLPreview component of artifacts.tsx that allows attackers to execute arbitrary JavaScript code when HTML content is rendered in the AI chat interface. The vulnerability occurs because user-influenced HTML from AI responses is...