PT-2024-33095 · Unknown · Aiml Chatbot

Published: 2024-10-25 · Updated: 2024-10-30 · CVE-2024-48396

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: AIML Chatbot versions prior to 2.0

Description: The issue is a Cross-Site Scripting (XSS) vulnerability in which attackers can inject malicious HTML or JavaScript code through the message input field. The chatbot fails to sanitize this input, which leads to execution of the malicious scripts.

Recommendations: For versions prior to 2.0, update to version 2.0 to resolve the issue. As a temporary workaround, consider restricting user input in the message field to minimize the risk of exploitation.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2024-48396

Affected Products

Aiml Chatbot