2024-07-11 10:41:27
@huntr_ai
PUBLISHED
A Stored Cross-Site Scripting (XSS) vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410. This vulnerability allows an attacker to inject malicious JavaScript code into the chat history file. When a victim uploads this file, the malicious script is executed in the victims browser. This can lead to user data theft, session hijacking, malware distribution, and phishing attacks.