CVE-2025-63639

The chat feature in the application Sourcecodester FAQ Bot with AI Assistant v1.0 is vulnerable to Cross-Site Scripting XSS due to improper handling of user-supplied input. An attacker can inject malicious HTML or JavaScript into chat messages, which executes in the browser of any user viewing th...

EUVD-2025-38296

The chat feature in the application Sourcecodester FAQ Bot with AI Assistant v1.0 is vulnerable to Cross-Site Scripting XSS due to improper handling of user-supplied input. An attacker can inject malicious HTML or JavaScript into chat messages, which executes in the browser of any user viewing th...

CVE-2025-63639

The chat feature in the application Sourcecodester FAQ Bot with AI Assistant v1.0 is vulnerable to Cross-Site Scripting XSS due to improper handling of user-supplied input. An attacker can inject malicious HTML or JavaScript into chat messages, which executes in the browser of any user viewing th...

CVE-2025-63639

The CVE-2025-63639 entry describes an XSS vulnerability in Sourcecodester FAQ Bot with AI Assistant v1.0, specifically in the chat feature where user input is not properly sanitized. Affected component: chat/messages handling in the FAQ Bot. Root cause: improper handling of user-supplied input le...

SourceCodester FAQ Bot with AI Assistant 安全漏洞

SourceCodester FAQ Bot with AI Assistant is an open source question and answer bot with artificial intelligence assistant by SourceCodester. A security vulnerability exists in SourceCodester FAQ Bot with AI Assistant v1.0, which stems from improper handling of user-supplied input and could lead t...

PT-2025-45496

Name of the Vulnerable Software and Affected Versions Sourcecodester FAQ Bot with AI Assistant version 1.0 Description The application’s chat feature is susceptible to Cross-Site Scripting XSS because of inadequate handling of user-provided input. An attacker can inject malicious HTML or JavaScri...