Submit #261392: chatgpt-web WEB v2.11.1 Stored Xssinfo

Titelchatgpt-web WEB v2.11.1 Stored Xss
BeschreibungVulnerability Insight: The Description parameter is accepting XSS payloads. This Vulnerability can lead to stored XSS attacks, enabling unauthorized users to steal sessions and execute harmful JavaScript code. Exploiting the Vulnerability: Step 1: Inject an XSS payload into a photo element, like so: "><image src onerror=prompt(document.domain)> The payload will be stored on the page and triggered by any user visiting it.
Quelle⚠️ https://github.com/Chanzhaoyu/chatgpt-web/issues/2001
Benutzer
 MIDO0X0X (UID 60837)
Einreichung02.01.2024 14:08 (vor 2 Jahren)
Moderieren05.01.2024 13:57 (3 days later)
StatusAkzeptiert
VulDB Eintrag249779 [Chanzhaoyu chatgpt-web 2.11.1 Beschreibung Cross Site Scripting]
Punkte20

ZurückÜbersichtWeiter

Interested in the pricing of exploits?

See the underground prices here!