Secsys-FDU

10 exploits Active since Jul 2025
CVE-2025-51865 NOMISEC HIGH WRITEUP
Ai2 Playground <2025-06-03 - Info Disclosure
Ai2 playground web service (playground.allenai.org) LLM chat through 2025-06-03 is vulnerable to Insecure Direct Object Reference (IDOR), allowing attackers to gain sensitvie information via enumerating thread keys in the URL.
2 stars
CVSS 8.8
CVE-2025-51858 NOMISEC MEDIUM WRITEUP
ChatPlayground.ai <2025-05-24 - XSS
Self Cross-Site Scripting (XSS) vulnerability in ChatPlayground.ai through 2025-05-24, allows attackers to execute arbitrary code and gain sensitive information via a crafted SVG file contents sent through the chat component.
1 stars
CVSS 6.1
CVE-2025-51869 NOMISEC HIGH WRITEUP
Liner <2025-06-03 - Info Disclosure
Insecure Direct Object Reference (IDOR) vulnerability in Liner thru 2025-06-03 allows attackers to gain sensitive information via crafted space_id, thread_id, and message_id parameters to the v1/space/{space_id}/thread/{thread_id}/message/{message_id} endpoint.
1 stars
CVSS 7.5
CVE-2025-51862 NOMISEC MEDIUM WRITEUP
TelegAI <2025-05-26 - Info Disclosure
Insecure Direct Object Reference (IDOR) vulnerability in TelegAI (telegai.com) thru 2025-05-26 in its chat component. An attacker can exploit this IDOR to tamper other users' conversation. Additionally, malicious contents and XSS payloads can be injected, leading to phishing attack, user spoofing and account hijacking via XSS.
CVSS 6.1
CVE-2025-51863 NOMISEC MEDIUM WRITEUP
ChatGPT Unli thru 2025-05-26 - Stored Cross-Site Scripting via SVG File Upload
Self Cross Site Scripting (XSS) vulnerability in ChatGPT Unli (ChatGPTUnli.com) thru 2025-05-26 allows attackers to execute arbitrary code via a crafted SVG file to the chat interface.
CVSS 6.1
CVE-2025-51864 NOMISEC MEDIUM WRITEUP
AIBOX LLM chat - Reflected Cross-Site Scripting
A reflected cross-site scripting (XSS) vulnerability exists in AIBOX LLM chat (chat.aibox365.cn) through 2025-05-27, allowing attackers to hijack accounts through stolen JWT tokens.
CVSS 6.5
CVE-2025-51859 NOMISEC MEDIUM WRITEUP
Chaindesk thru 2025-05-26 - Stored Cross-Site Scripting via AI Agent System Prompt
Stored Cross-Site Scripting (XSS) vulnerability in Chaindesk thru 2025-05-26 in its agent chat component. An attacker can achieve arbitrary client-side script execution by crafting an AI agent whose system prompt instructs the underlying Large Language Model (LLM) to embed malicious script payloads (e.g., SVG-based XSS) into its chat responses. When a user interacts with such a malicious agent or accesses a direct link to a conversation containing an XSS payload, the script executes in the user's browser. Successful exploitation can lead to the theft of sensitive information, such as JWT session tokens, potentially resulting in account hijacking.
CVSS 6.5
CVE-2025-51867 NOMISEC MEDIUM WRITEUP
Deepfiction AI - Insecure Direct Object Reference via /browse/stories Endpoint
Insecure Direct Object Reference (IDOR) vulnerability in Deepfiction AI (deepfiction.ai) thru June 3, 2025, allowing attackers to chat with the LLM using other users' credits via sensitive information gained by the /browse/stories endpoint.
CVSS 6.5
CVE-2025-51868 NOMISEC HIGH WRITEUP
Dippy v2 - Insecure Direct Object Reference via conversation_id Parameter
Insecure Direct Object Reference (IDOR) vulnerability in Dippy (chat.dippy.ai) v2 allows attackers to gain sensitive information via the conversation_id parameter to the conversation_history endpoint.
CVSS 7.5
CVE-2025-51860 NOMISEC MEDIUM WRITEUP
TelegAI - Stored Cross-Site Scripting via AI Character SVG Payloads
Stored Cross-Site Scripting (XSS) in TelegAI (telegai.com) 2025-05-26 in its chat component and character container component. An attacker can achieve arbitrary client-side script execution by crafting an AI Character with SVG XSS payloads in either description, greeting, example dialog, or system prompt(instructing the LLM to embed XSS payload in its chat response). When a user interacts with such a malicious AI Character or just browse its profile, the script executes in the user's browser. Successful exploitation can lead to the theft of sensitive information, such as session tokens, potentially resulting in account hijacking.
CVSS 6.1