CVE-2024-8400

Summary

CVE-2024-8400 is a newly identified stored cross-site scripting (XSS) vulnerability affecting the latest version of gaizhenbiao/chuanhuchatgpt. An attacker can exploit this issue by uploading a malicious HTML file containing JavaScript code, which is subsequently executed when the file is accessed. This vulnerability grants the attacker the ability to inject arbitrary JavaScript into the user's browser, potentially leading to serious security consequences. The impact of this issue can range from session hijacking to data theft and unauthorized actions. Users are advised to update their systems as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.