6 matches found
CVE-2025-63639
The chat feature in the application Sourcecodester FAQ Bot with AI Assistant v1.0 is vulnerable to Cross-Site Scripting XSS due to improper handling of user-supplied input. An attacker can inject malicious HTML or JavaScript into chat messages, which executes in the browser of any user viewing th...
EUVD-2025-38296
The chat feature in the application Sourcecodester FAQ Bot with AI Assistant v1.0 is vulnerable to Cross-Site Scripting XSS due to improper handling of user-supplied input. An attacker can inject malicious HTML or JavaScript into chat messages, which executes in the browser of any user viewing th...
CVE-2025-63639
The chat feature in the application Sourcecodester FAQ Bot with AI Assistant v1.0 is vulnerable to Cross-Site Scripting XSS due to improper handling of user-supplied input. An attacker can inject malicious HTML or JavaScript into chat messages, which executes in the browser of any user viewing th...
SourceCodester FAQ Bot with AI Assistant 安全漏洞
SourceCodester FAQ Bot with AI Assistant is an open source question and answer bot with artificial intelligence assistant by SourceCodester. A security vulnerability exists in SourceCodester FAQ Bot with AI Assistant v1.0, which stems from improper handling of user-supplied input and could lead t...
CVE-2025-63639
The CVE-2025-63639 entry describes an XSS vulnerability in Sourcecodester FAQ Bot with AI Assistant v1.0, specifically in the chat feature where user input is not properly sanitized. Affected component: chat/messages handling in the FAQ Bot. Root cause: improper handling of user-supplied input le...
PT-2025-45496
Name of the Vulnerable Software and Affected Versions Sourcecodester FAQ Bot with AI Assistant version 1.0 Description The application’s chat feature is susceptible to Cross-Site Scripting XSS because of inadequate handling of user-provided input. An attacker can inject malicious HTML or JavaScri...