5 matches found
EUVD-2025-25594
Malicious code in bioql PyPI...
CVE-2025-50733
NextChat contains a cross-site scripting XSS vulnerability in the HTMLPreview component of artifacts.tsx that allows attackers to execute arbitrary JavaScript code when HTML content is rendered in the AI chat interface. The vulnerability occurs because user-influenced HTML from AI responses is...
PT-2025-34377 · Nextchat · Nextchat
Name of the Vulnerable Software and Affected Versions: NextChat affected versions not specified Description: NextChat contains a cross-site scripting XSS issue in the HTMLPreview component of artifacts.tsx. This allows attackers to execute arbitrary JavaScript code when HTML content is rendered i...
CVE-2025-50733
NextChat has an XSS vulnerability in the HTMLPreview component (artifacts.tsx). User-influenced HTML from AI responses is rendered in an iframe with allow-scripts without proper sanitization, enabling injection of JavaScript. Impact stated includes exfiltration of sensitive data (e.g., API keys i...
Exploit for CVE-2024-48217
CVE-2024-48217 Sismart Vulnerability ---------------------------...