Filtered by vendor Ai3 Subscriptions
Filtered by product Qbibot Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-3777 1 Ai3 1 Qbibot 2024-11-21 9.8 Critical
The password reset feature of Ai3 QbiBot lacks proper access control, allowing unauthenticated remote attackers to reset any user's password.
CVE-2024-7204 1 Ai3 1 Qbibot 2024-09-11 6.1 Medium
Ai3 QbiBot does not properly filter user input, allowing unauthenticated remote attackers to insert JavaScript code into the chat box. Once the recipient views the message, they will be subject to a Stored XSS attack.