CNNVD-202507-2886 Information

CNNVD ID

CNNVD-202507-2886

Related CVE

CVE-2025-51862

• CNNVD Published: 2025-07-22

Description (Chinese)

TelegAI是TelegAI公司的一个AI聊天机器人网站。 TelegAI 2025-05-26及之前版本存在跨站脚本漏洞，该漏洞源于不安全的直接对象引用，可能导致篡改其他用户对话和注入恶意内容。

Description (English)

Telegai is an AI chat robot site for Telegai. TelegAI 2025-05-26 and previous versions had a cross-site script loophole, which stemmed from unsafe direct-object references and could lead to the distortion of other user dialogues and the introduction of malicious content.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

TelegAI

Published

2025-07-22

Last Modified

2026-02-24

References

https://github.com/Secsys-FDU/CVE-2025-51862 https://access.redhat.com/security/cve/cve-2025-51862 https://nvd.nist.gov/vuln/detail/CVE-2025-51862