Unknown · Oct8Ne Chatbot · CVE-2025-10869
**Name of the Vulnerable Software and Affected Versions**
Oct8ne Chatbot version 2.3
**Description**
A stored cross-site scripting (XSS) issue exists in Oct8ne Chatbot version 2.3. This allows an attacker to execute JavaScript code in a victim’s browser. The attack is performed by injecting a malicious payload through the creation of a transcript sent via email. Successful exploitation could lead to the theft of sensitive user data, such as session cookies, or the ability to perform actions as the user.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.