📦 Deepchat

DeepChat versions before 0.5.3 contain a critical vulnerability where unsafe Mermaid diagram rendering allows arbitrary JavaScript execution. This XSS flaw escalates to full remote code execution due ...

DeepChat versions 0.5.1 and below are vulnerable to cross-site scripting (XSS) attacks through improperly sanitized Mermaid diagram content. Attackers can bypass existing filters using unquoted HTML a...

DeepChat versions 0.5.0 and earlier contain a stored XSS vulnerability in the Mermaid diagram renderer that allows attackers to execute arbitrary JavaScript. This can be escalated to remote code execu...

This vulnerability in DeepChat's Mermaid chart rendering component allows cross-site scripting (XSS) that can lead to remote command execution. Attackers can inject malicious JavaScript that executes ...