Security Advisory

CVE-2024-48396

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-25 00:00:00

Last updated 2024-10-30 19:15:37

Assigner mitre

State PUBLISHED

Description

AIML Chatbot 1.0 (fixed in 2.0) is vulnerable to Cross Site Scripting (XSS). The vulnerability is exploited through the message input field, where attackers can inject malicious HTML or JavaScript code. The chatbot fails to sanitize these inputs, leading to the execution of malicious scripts.

← Browse all CVEs View on cve.org ↗