CVE-2025-51859

Name of the Vulnerable Software and Affected Versions Chaindesk versions through 2025-05-26

Description A stored Cross-Site Scripting (XSS) vulnerability exists in the agent chat component. An attacker can execute arbitrary client-side scripts by creating an AI agent with a system prompt designed to embed malicious script payloads, such as SVG-based XSS, into chat responses. When a user interacts with the malicious agent or accesses a direct link to a conversation containing the XSS payload, the script executes in the user's browser. Successful exploitation may lead to the theft of sensitive information, such as JWT session tokens, potentially resulting in account hijacking.

Recommendations Versions through 2025-05-26 should be updated or patched as soon as possible. Consider implementing strict input validation and sanitization for all AI agent system prompts to prevent the injection of malicious scripts.