Vulnerability Database

299,584

Total vulnerabilities in the database

CVE-2025-0183

A stored cross-site scripting (XSS) vulnerability exists in the Latex Proof-Reading Module of binary-husky/gpt_academic version 3.9.0. This vulnerability allows an attacker to inject malicious scripts into the debug_log.html file generated by the module. When an admin visits this debug report, the injected scripts can execute, potentially leading to unauthorized actions and data access.

Published: Mar 20, 2025
Updated: Aug 2, 2025
CVE: CVE-2025-0183
Exploit:

No technical information available.

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
binary-husky / gpt_academic	3.90	3.90.x

https://huntr.com/bounties/53bced90-64a9-4ca2-8f2f-282c4ce84d1f

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo