CVE-2025-50733

NextChat contains a cross-site scripting (XSS) vulnerability in the HTMLPreview component of artifacts.tsx that allows attackers to execute arbitrary JavaScript code when HTML content is rendered in the AI chat interface. The vulnerability occurs because user-influenced HTML from AI responses is rendered in an iframe with 'allow-scripts' sandbox permission without proper sanitization. This can be exploited through specifically crafted prompts that cause the AI to generate malicious HTML/JavaScript code. When a user views the HTML preview, the injected JavaScript executes in the user's browser context, potentially allowing attackers to exfiltrate sensitive information (including API keys stored in localStorage), perform actions on behalf of the user, and steal session data.

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/fai1424/Vulnerability-Research/blob/main/CVE-2025-50733/README.md
https://hackmd.io/@fai1424/BkgqMnNxgl
https://github.com/fai1424/Vulnerability-Research/blob/main/CVE-2025-50733/README.md

Configurations

No configuration.

History

26 Aug 2025, 14:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.1
CWE		CWE-79
Summary		(es) NextChat contiene una vulnerabilidad de cross-site scripting (XSS) en el componente HTMLPreview de artifacts.tsx que permite a los atacantes ejecutar código JavaScript arbitrario al renderizar contenido HTML en la interfaz de chat de la IA. Esta vulnerabilidad se produce porque el HTML generado por el usuario, procedente de las respuestas de la IA, se renderiza en un iframe con el permiso "allow-scripts" de sandbox sin la debida depuración. Esto puede explotarse mediante avisos manipulados específicamente que provocan que la IA genere código HTML/JavaScript malicioso. Cuando un usuario visualiza la vista previa HTML, el JavaScript inyectado se ejecuta en el contexto del navegador del usuario, lo que potencialmente permite a los atacantes extraer información confidencial (incluidas las claves de API almacenadas en localStorage), realizar acciones en nombre del usuario y robar datos de la sesión.
References	~~() https://github.com/fai1424/Vulnerability-Research/blob/main/CVE-2025-50733/README.md -~~	() https://github.com/fai1424/Vulnerability-Research/blob/main/CVE-2025-50733/README.md -

22 Aug 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-22 16:15

Updated : 2025-08-26 14:15

NVD link : CVE-2025-50733

Mitre link : CVE-2025-50733

CVE.ORG link : CVE-2025-50733

JSON object : View

Products Affected

No product.

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

6.1 /10