CVE-2025-8848
Published 2025-10-22
Priority P4 · 32 · medium · 5.4 (CVSS 3.1)
Vector: AV:N / AC:L / PR:L / UI:R / S:C / C:L / I:L / A:N
Exploit
EPSS: 0.42% (33.9th percentile)
A vulnerability in danny-avila/librechat version 0.7.9 allows for HTML injection via the Accept-Language header. When a logged-in user sends an HTTP GET request with a crafted Accept-Language header, arbitrary HTML can be injected into the tag of the response. This can lead to potential security risks such as cross-site scripting (XSS) attacks.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| danny-avila | danny-avila_librechat | unspecified – latest | — |
| librechat | librechat | — | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
| nvd | 3.0 | 4.8 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
No detection rules found.
Nuclei
LibreChat <= 0.7.9 - HTML Injection via Accept-Language Header
nuclei · CVSS 5.4
CVE-2025-8848 [MEDIUM] LibreChat <= 0.7.9 - HTML Injection via Accept-Language Header

Template excerpt (matcher section only; the request section is not reproduced on this page):

```yaml
LibreChat {{marker}}"
    matchers-condition: and
    matchers:
      - type: word
        words:
          - '{{marker}}">'
          - 'LibreChat'
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a00473045022069b2e26ad679d8086bb3bd4577cd9caf9b7dae31b71ea38dce23b013aecd849e022100e43c5879c139c88b5c3f2998bcd17b1597a3e89a73ffb586dee296e08cb14d54:922c64590222798bb761d5b6d8e72950
```
No writeups or analysis indexed.