CVE-2025-51862

Name of the Vulnerable Software and Affected Versions TelegAI versions through 2025-05-26

Description An Insecure Direct Object Reference (IDOR) vulnerability exists in the chat component of TelegAI. This allows an attacker to tamper with other users' conversations. Additionally, malicious content and Cross-Site Scripting (XSS) payloads can be injected, potentially leading to phishing attacks, user spoofing, and account hijacking via XSS.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.