cvedb.io
CVE-2024-7204
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2024-08-02T11:16:43.987 · Last modified 2026-06-17T08:19:35.057

Summary

Ai3 QbiBot does not properly filter user input, allowing unauthenticated remote attackers to insert JavaScript code into the chat box. Once the recipient views the message, they will be subject to a Stored XSS attack.

Affected products

ai3 — qbibot

Does this affect you?

Add your gear to cvedb and we'll alert you only when ai3 ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.