CNNVD-202602-980 Information
Feb 06, 2026
cve
CNNVD ID
CNNVD-202602-980
Related CVE
- CNNVD Published: 2026-02-06
Description (Chinese)
OrcaStatLLM Researcher是AlgoNet Lab开源的一个基于大模型的研究论文生成器。 OrcaStatLLM Researcher存在跨站脚本漏洞,该漏洞源于会话页面的日志消息对恶意研究主题输入处理不当,可能导致存储型跨站脚本攻击。
Description (English)
Orca StatLM Researcher is a large model-based research paper generator from the AlgoNet Lab open source. OrcastatLM Researcher has a cross-site script loophole, which results from inappropriate handling of malicious research subject input from log messages on session pages, which may lead to storage-type cross-site script attacks.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
AlgoNet Lab
Published
2026-02-06
Last Modified
2026-02-24
References
https://github.com/AlgoNetLab/OrcaStatLLM-Researcher/security/advisories/GHSA-47wv-g894-82m4
Share on: