Description

A stored cross-site scripting (XSS) vulnerability exists in the Latex Proof-Reading Module of binary-husky/gpt_academic version 3.9.0. This vulnerability allows an attacker to inject malicious scripts into the `debug_log.html` file generated by the module. When an admin visits this debug report, the injected scripts can execute, potentially leading to unauthorized actions and data access.

INFO

Published Date :

2025-03-20T10:10:24.705Z

Last Modified :

2025-03-20T18:21:58.409Z

Source :

@huntr_ai
AFFECTED PRODUCTS

The following products are affected by CVE-2025-0183 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-0183.

URL Resource
https://huntr.com/bounties/53bced90-64a9-4ca2-8f2f-282c4ce84d1f cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact