CVE-2025-10869 in ChatbotИнформация

Сводка (Английский)

Stored Cross-site Scripting (XSS) in Oct8ne Chatbot v2.3. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by injecting a malicious payload through the creation of a transcript that is sent by email. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user, through /Data/SaveInteractions.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Ответственный

INCIBE

Резервировать

23.09.2025

Раскрытие

15.10.2025

Статус

Подтверждённый

Записи

VulDB provides additional information and datapoints for this CVE:

ИДУязвимостьCWEЭксКонCVE
328660Oct8ne Chatbot межсайтовый скриптинг79Не определеноНе определеноCVE-2025-10869

Описание

CPE

CWE

CVSS

Эксплойты

История

Разница

Связать

Разведка угроз

API JSON

API XML

API CSV

Источники

ПредыдущийОбзорДалее

Want to stay up to date on a daily basis?

Enable the mail alert feature now!