Submeter #261392: chatgpt-web WEB v2.11.1 Stored Xssinformação

Títulochatgpt-web WEB v2.11.1 Stored Xss
DescriçãoVulnerability Insight: The Description parameter is accepting XSS payloads. This Vulnerability can lead to stored XSS attacks, enabling unauthorized users to steal sessions and execute harmful JavaScript code. Exploiting the Vulnerability: Step 1: Inject an XSS payload into a photo element, like so: "><image src onerror=prompt(document.domain)> The payload will be stored on the page and triggered by any user visiting it.
Fonte⚠️ https://github.com/Chanzhaoyu/chatgpt-web/issues/2001
Utilizador
 MIDO0X0X (UID 60837)
Submissão02/01/2024 14h08 (há 2 anos)
Moderação05/01/2024 13h57 (3 days later)
EstadoAceite
Entrada VulDB249779 [Chanzhaoyu chatgpt-web 2.11.1 Descrição Script de Site Cruzado]
Pontos20

VoltarVisão GeralPróximo

Want to know what is going to be exploited?

We predict KEV entries!