CVE-2025-11952
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-22

Last updated on: 2025-10-31

Assigner: Spanish National Cybersecurity Institute, S.A. (INCIBE)

Description
Stored Cross-site Scripting (XSS) in Oct8ne Chatbot v2.3. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by injecting a malicious payload through the creation of a transcript that is sent by email. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user, throughΒ /Records/SendSummaryMail.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-22
Last Modified
2025-10-31
Generated
2026-06-16
AI Q&A
2025-10-22
EPSS Evaluated
2026-06-15
NVD
CVE-2025-11952
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
oct8ne chatbot 2.3
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-11952 is a Stored Cross-Site Scripting (XSS) vulnerability in Oct8ne Chatbot version 2.3. It allows an attacker to inject malicious JavaScript code by creating a transcript that is sent via email through the '/Records/SendSummaryMail' endpoint. When the victim opens the email, the malicious script executes in their browser, potentially compromising their session and enabling unauthorized actions. [1]

Impact Analysis

This vulnerability can lead to theft of sensitive user data such as session cookies and allow attackers to perform unauthorized actions on behalf of the user. This can compromise user accounts and data integrity, potentially leading to further exploitation or data breaches. [1]

Detection Guidance

Detection can involve monitoring for suspicious activity targeting the '/Records/SendSummaryMail' endpoint, such as unusual POST requests containing JavaScript payloads in transcript creation. Additionally, inspecting email contents for injected scripts in summary mails sent by the chatbot can help identify exploitation attempts. Specific commands are not provided in the resources. [1]

Mitigation Strategies

Immediate mitigation steps include updating the Oct8ne Chatbot to the latest version where the vulnerability has been fixed. Additionally, reviewing and restricting access to the '/Records/SendSummaryMail' endpoint and educating users to be cautious when opening emails containing chatbot transcripts can reduce risk. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-11952. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart