CVE-2025-51864

Published
View on NVD ↗
CVSS v3
6.5
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

A reflected cross-site scripting (XSS) vulnerability exists in AIBOX LLM chat (chat.aibox365.cn) through 2025-05-27, allowing attackers to hijack accounts through stolen JWT tokens.

Secsys-FDU/CVE-2025-51864
Secsys-FDU/CVE-2025-51864
GitHubGitHub