Invia #261392: chatgpt-web WEB v2.11.1 Stored Xssinformazioni

Titolochatgpt-web WEB v2.11.1 Stored Xss
DescrizioneVulnerability Insight: The Description parameter is accepting XSS payloads. This Vulnerability can lead to stored XSS attacks, enabling unauthorized users to steal sessions and execute harmful JavaScript code. Exploiting the Vulnerability: Step 1: Inject an XSS payload into a photo element, like so: "><image src onerror=prompt(document.domain)> The payload will be stored on the page and triggered by any user visiting it.
Fonte⚠️ https://github.com/Chanzhaoyu/chatgpt-web/issues/2001
Utente
 MIDO0X0X (UID 60837)
Sottomissione02/01/2024 14:08 (2 anni fa)
Moderazione05/01/2024 13:57 (3 days later)
StatoAccettato
Voce VulDB249779 [Chanzhaoyu chatgpt-web 2.11.1 Descrizione cross site scripting]
Punti20

PrecedenteVisione D'ensembleIl prossimo

Do you want to use VulDB in your project?

Use the official API to access entries easily!