
7 matches found

OSV
added 2026/03/18 8:17 p.m. | 2 views

GHSA-VCCX-P757-PV6H mo has a XSS via inline SVG script tags in Markdown rendering

Summary: When rendering Markdown files containing inline SVG elements with script tags, the embedded JavaScript is executed in the browser. This is due to rehype-raw passing raw HTML including SVG through to the DOM without sanitization. PoC html alert1 Embedding the above in a Markdown file opened with ...

CVSS 2.3 | AI score 5.9 | Exploits 0 | References 2
CVE
added 2026/03/06 4:16 a.m. | 7 views

CVE-2026-28509

LangBot’s web UI prior to version 4.8.7 renders user-supplied raw HTML via rehypeRaw, resulting in a cross-site scripting (XSS) vulnerability. Affected product: LangBot (global IM bot platform for LLMs). Root cause: unescaped user HTML processed by rehypeRaw. Impact (per CVSS): Confidentiality im...

CVSS 6.3 | AI score 5.7 | EPSS 0.00187 | Exploits 1 | References 2 | Affected Software 1
Cvelist
added 2026/03/06 4:16 a.m. | 31 views

CVE-2026-28509 LangBot has a Cross Site Scripting (XSS) Vulnerability

LangBot is a global IM bot platform designed for LLMs. Prior to version 4.8.7, LangBot’s web UI renders user-supplied raw HTML using rehypeRaw, which can lead to a cross-site scripting (XSS) vulnerability. This issue has been patched in version 4.8.7...

CVSS 6.3 | EPSS 0.00187 | Exploits 1 | References 2
Vulnrichment
added 2026/03/06 4:16 a.m. | 3 views

CVE-2026-28509 LangBot has a Cross Site Scripting (XSS) Vulnerability

LangBot is a global IM bot platform designed for LLMs. Prior to version 4.8.7, LangBot’s web UI renders user-supplied raw HTML using rehypeRaw, which can lead to a cross-site scripting (XSS) vulnerability. This issue has been patched in version 4.8.7...

CVSS 6.3 | AI score 5.7 | EPSS 0.00187 | Exploits 1 | References 2
OSV
added 2026/03/06 4:16 a.m. | 3 views

CVE-2026-28509 LangBot has a Cross Site Scripting (XSS) Vulnerability

LangBot is a global IM bot platform designed for LLMs. Prior to version 4.8.7, LangBot’s web UI renders user-supplied raw HTML using rehypeRaw, which can lead to a cross-site scripting (XSS) vulnerability. This issue has been patched in version 4.8.7...

CVSS 6.3 | AI score 5.5 | EPSS 0.00187 | Exploits 1 | References 4
CNNVD
added 2026/03/06 12:00 a.m. | 5 views

LangBot Cross-Site Scripting Vulnerability

LangBot is an open-source development platform for large-scale instant messaging robots created by LangBot. Versions of LangBot prior to 4.8.7 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of rehypeRaw to render the raw HTML provided by users, which...

CVSS 6.3 | AI score 5.6 | EPSS 0.00187 | Exploits 1 | References 3
OSV
added 2025/07/22 9:15 p.m. | 4 views

CVE-2025-51462

Stored Cross-site Scripting (XSS) vulnerability in api.apps.dialogapp.setdialog in RAGFlow 0.17.2 allows remote attackers to execute arbitrary JavaScript via crafted input to the assistant greeting field, which is stored unsanitised and rendered using a markdown component with rehype-raw...

CVSS 6.1 | AI score 6.3 | EPSS 0.00285 | Exploits 1 | References 3