AIML Chatbot 1.0 (fixed in 2.0) is vulnerable to Cross Site Scripting (XSS). The vulnerability is exploited through the message input field, where attackers can inject malicious HTML or JavaScript code. The chatbot fails to sanitize these inputs, leading to the execution of malicious scripts.
Metrics
Affected Vendors & Products
References
History
Wed, 30 Oct 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Sohelamin
Sohelamin chatbot |
|
Weaknesses | CWE-79 | |
CPEs | cpe:2.3:a:sohelamin:chatbot:1.0:*:*:*:*:*:*:* | |
Vendors & Products |
Sohelamin
Sohelamin chatbot |
|
Metrics |
cvssV3_1
|
Fri, 25 Oct 2024 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | AIML Chatbot 1.0 (fixed in 2.0) is vulnerable to Cross Site Scripting (XSS). The vulnerability is exploited through the message input field, where attackers can inject malicious HTML or JavaScript code. The chatbot fails to sanitize these inputs, leading to the execution of malicious scripts. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-10-25T00:00:00
Updated: 2024-10-30T19:15:37.333Z
Reserved: 2024-10-08T00:00:00
Link: CVE-2024-48396
Vulnrichment
Updated: 2024-10-30T19:15:32.819Z
NVD
Status : Awaiting Analysis
Published: 2024-10-25T21:15:04.300
Modified: 2024-10-30T20:35:31.167
Link: CVE-2024-48396
Redhat
No data.