CVE-2025-51864 Information

Description

A reflected cross-site scripting (XSS) vulnerability exists in AIBOX LLM chat (chat.aibox365.cn) through 2025-05-27 allowing attackers to hijack accounts through stolen JWT tokens.

Reference

https://github.com/Secsys-FDU/CVE-2025-51864

Related CNNVD

CNNVD-202507-2889 (Published: 2025-07-22)