CVE-2025-51863 PoC — ChatGPT Unli Cross-Site Scripting Vulnerability

Source
Associated Vulnerability
Title: ChatGPT Unli Cross-Site Scripting Vulnerability (CVE-2025-51863)
Description: Self Cross Site Scripting (XSS) vulnerability in ChatGPT Unli (ChatGPTUnli.com) thru 2025-05-26 allows attackers to execute arbitrary code via a crafted SVG file to the chat interface.
Readme
# CVE-2025-51863
## Vulnerability description

   ChatGPTUtil is an AI-powered chatbot assistant that provides access to both ChatGPT and an AI image generator. A Self Cross-Site Scripting (Self-XSS) vulnerability exists in the chat component. This can lead to cookie theft and, in turn, to remote account hijacking.

## Attack Vectors

   The attack vector is the network. To exploit this XSS vulnerability, an attacker must craft a malicious payload (i.e., an SVG XSS payload) and deliver it to the victim (e.g., via email, a malicious website, a forum post, or an instant message). The attack occurs when the victim pastes the payload into the ChatGPTUtil chat interface. The PoC is as follows:

   ```
   <img src=x onerror=alert(document.cookie)>
   <svg xmlns="http://www.w3.org/2000/svg" version="1.1"><circle cx="100" cy="50" r="40" stroke="black" stroke-width="2" fill="red" /> <script>alert(document.cookie)</script></svg>
   ```

   ![Figure 1 POC of Self-XSS](./figure1.png)

## Vulnerability affected

   This vulnerability can affect any user of https://www.chatgptunli.com. The user's cookie (which contains the session and token) will be stolen when the user pastes the payload into the chat interface.
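
The mitigation side of the behaviour described above, as an added example that is not code from this README or from ChatGPT Unli: it assumes the chat view builds each message bubble by string concatenation (the function names, the `msg user` wrapper and the cookie name are hypothetical) and shows the README's two payloads becoming inert once user text is HTML-encoded, plus session cookie attributes that keep the value out of `document.cookie`.

```javascript
// Added example: hypothetical chat renderer, not ChatGPT Unli's code.
// The two payloads from the README, held as plain test strings.
const README_PAYLOADS = [
  '<img src=x onerror=alert(document.cookie)>',
  '<svg xmlns="http://www.w3.org/2000/svg" version="1.1"><circle cx="100" cy="50" r="40" stroke="black" stroke-width="2" fill="red" /> <script>alert(document.cookie)</script></svg>',
];

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode every character that can start a tag, an attribute value or an entity.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Assumed vulnerable pattern: pasted text concatenated into markup
// that is later assigned to innerHTML.
function renderMessageUnsafe(text) {
  return '<div class="msg user">' + text + '</div>';
}

// Hardened form: user text is encoded, so the browser displays it as characters.
// In a browser, assigning the text to textContent gives the same result.
function renderMessageSafe(text) {
  return '<div class="msg user">' + escapeHtml(text) + '</div>';
}

// True when the bubble holds any markup besides the wrapper div itself.
function containsInjectedMarkup(html) {
  const inner = html.replace(/^<div class="msg user">/, '').replace(/<\/div>$/, '');
  return /<[a-zA-Z\/!?]/.test(inner);
}

// Session cookie attributes: HttpOnly hides the value from document.cookie.
function sessionCookieHeader(name, value) {
  return `${name}=${encodeURIComponent(value)}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}

// Render each README payload both ways and report whether markup survived.
function audit() {
  return README_PAYLOADS.map((p) => ({
    unsafe: containsInjectedMarkup(renderMessageUnsafe(p)),
    safe: containsInjectedMarkup(renderMessageSafe(p)),
  }));
}

console.log(audit());
console.log(sessionCookieHeader('session', 'constructed-value'));
```
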
File Snapshot

[4.0K] /data/pocs/2a2ba49d2e1fa498cfcfb5b69cb494961570d154
├── [156K] figure1.png
└── [1.2K] README.md

0 directories, 2 files