CVE-2025-43714 Information

Description

The ChatGPT system through 2025-03-30 performs inline rendering of SVG documents (instead of for example rendering them as text inside a code block) which enables HTML injection within most modern graphical web browsers.

Reference

https://medium.com/@zer0dac/chatgpt-a-potential-phishing-vector-via-html-injection-bf703c79590a

Related CNNVD

CNNVD-202508-2045 (Published: 2025-08-18)