CVE-2025-43714

Published: May 19, 2025

Modified: May 19, 2025

PUBLISHED

Description

The ChatGPT system through 2025-03-30 performs inline rendering of SVG documents (instead of, for example, rendering them as text inside a code block), which enables HTML injection within most modern graphical web browsers.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://medium.com/@zer0dac/chatgpt-a-potential-phishing-vector-via-html-injection-bf703c79590a

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-43714

Description

Affected Products

References