CVE-2025-66450
MEDIUMLibreChat < 0.8.1 - Stored Cross-Site Scripting via IconURL Parameter
Title source: llmDescription
LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, when a user posts a question, the iconURL parameter of the POST request can be modified by an attacker. The malicious code is then stored in the chat which can then be shared to other users. When sharing chats with a potentially malicious “tracker”, resources loaded can lead to loss of privacy for users who view the chat link that is sent to them. This issue is fixed in version 0.8.1.
References (2)
Core 2
Core References
Exploit, Vendor Advisory x_refsource_confirm
https://github.com/danny-avila/LibreChat/security/advisories/GHSA-84vx-vmcf-xgpp
Scores
CVSS v3
5.4
EPSS
0.0018
EPSS Percentile
7.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-80
Status
published
Products (1)
librechat/librechat
< 0.8.1
Published
Dec 11, 2025
Tracked Since
Feb 18, 2026