Description
ChatterMate is a no-code AI chatbot agent framework. In versions 1.0.8 and below, the chatbot accepts and executes malicious HTML/JavaScript payloads when supplied as chat input. Specifically, an <iframe> payload containing a javascript: URI can be processed and executed in the browser context. This allows access to sensitive client-side data such as localStorage tokens and cookies, resulting in client-side injection. This issue has been fixed in version 1.0.9.
Published: 2026-01-24
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Client-side data theft via XSS
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is a stored cross‑site scripting flaw in ChatterMate.chat that allows an attacker to inject and execute malicious HTML and JavaScript payloads through chatbot input. The flaw specifically processes <iframe> tags containing javascript: URIs, which are executed in the victim’s browser. As the payload runs with the page’s privileges, an attacker can read client‑side storage such as localStorage and cookies, potentially exposing authentication tokens or personal data. The weakness is a typical input validation issue classified as CWE‑79.

Affected Systems

Users of the ChatterMate.chat framework running version 1.0.8 or older are affected. The flaw exists in the open‑source implementation hosted on GitHub, and version 1.0.9 and later contain the fix.

Risk and Exploitability

With a CVSS score of 9.3 the vulnerability is considered high‑severity. The EPSS probability is less than 1 %, indicating a low likelihood of exploitation at present, and the issue is not listed in the CISA KEV catalog. The likely attack vector is a user who can send arbitrary chat input to a deployed instance of the framework; if that instance is publicly reachable, any visitor could target the browser session. Once exploited, the attacker gains client‑side execution, enabling theft of tokens, cookies, and other sensitive data stored locally.

Generated by OpenCVE AI on April 18, 2026 at 03:02 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade ChatterMate.chat to version 1.0.9 or later, which removes the injection vector.
  • If an upgrade cannot be performed immediately, remove or escape all <iframe> tags and javascript: URIs from user chat input before rendering them in the browser.
  • Implement a strict input validation policy to allow only safe HTML elements and attributes, ensuring that no executable scripts can be injected through the chatbot interface.

Generated by OpenCVE AI on April 18, 2026 at 03:02 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 12 Feb 2026 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Chattermate chattermate
CPEs cpe:2.3:a:chattermate:chattermate:*:*:*:*:*:*:*:*
Vendors & Products Chattermate chattermate

Mon, 26 Jan 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 26 Jan 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Chattermate
Chattermate chattermate.chat
Vendors & Products Chattermate
Chattermate chattermate.chat

Sat, 24 Jan 2026 00:45:00 +0000

Type Values Removed Values Added
Description ChatterMate is a no-code AI chatbot agent framework. In versions 1.0.8 and below, the chatbot accepts and executes malicious HTML/JavaScript payloads when supplied as chat input. Specifically, an <iframe> payload containing a javascript: URI can be processed and executed in the browser context. This allows access to sensitive client-side data such as localStorage tokens and cookies, resulting in client-side injection. This issue has been fixed in version 1.0.9.
Title ChatterMate has Stored Cross-Site Scripting (XSS) via Chatbot Input Execution
Weaknesses CWE-79
References
Metrics cvssV3_1

{'score': 9.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N'}

Subscriptions

Chattermate Chattermate Chattermate.chat
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-26T16:17:53.948Z

Reserved: 2026-01-22T18:19:49.172Z

Link: CVE-2026-24399

cve-icon Vulnrichment

Updated: 2026-01-26T16:15:52.860Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-24T01:15:50.393

Modified: 2026-02-12T16:05:57.580

Link: CVE-2026-24399

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T03:15:35Z

Weaknesses