POC details: 491b58d1bfcc57acf902ee8daedf72c8973ff1f2

Source
Related vulnerability
Title: TelegAI cross-site scripting vulnerability (CVE-2025-51862)
Description: TelegAI is an AI chatbot website from the company TelegAI. TelegAI versions up to and including 2025-05-26 contain a cross-site scripting vulnerability that stems from an insecure direct object reference and can lead to tampering with other users' conversations and injection of malicious content.
Introduction
# CVE-2025-51862
## Vulnerability description

   TelegAI, a web application for constructing and chatting with AI characters, is vulnerable to Insecure Direct Object Reference (IDOR) in its chat component. An attacker can exploit this IDOR to tamper with other users' conversations. Malicious content and XSS payloads can also be injected into those conversations, leading to phishing, user spoofing, and account hijacking via XSS.

## Attack Vectors

   TelegAI is susceptible to an Insecure Direct Object Reference (IDOR) vulnerability in how the conversation API is handled. The API `https://ywqesktuqvgsmgraors.supabase.co/functions/v1/chat` relies primarily on the `profile_id` field of the request for authorization, which amounts to broken access control: the server trusts an identifier the client supplies instead of the identity bound to the caller's session. The `profile_id` is disclosed in every shared conversation, so it can be collected easily, for example through social engineering. By exploiting this vulnerability, an attacker can arbitrarily tamper with conversations shared by other users, which may result in phishing, user spoofing, and account hijacking via XSS (the XSS itself is a separate vulnerability, CVE-2025-51860). Figure 1 shows the POC of this IDOR.

   ![Figure 1 IDOR](./figure1.png)

   When the `profile_id` in the request is changed to the victim's value, the request completes against the victim's chat.
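To make the flaw concrete, the following is an added illustration (not code from TelegAI, its Supabase function, or the advisory) of the authorization pattern described above: a chat handler that keys ownership on a `profile_id` taken from the request body, beside a hardened handler that takes identity only from the verified session and treats a mismatching body `profile_id` as a probe. The store, tokens, profile and conversation identifiers are all hypothetical and constructed.

```typescript
// Added illustration, not code from TelegAI or its advisory: a minimal in-memory
// model of a chat endpoint that accepts profile_id in the request body. It shows
// the IDOR pattern (authorization keyed on a caller-supplied field) next to a
// hardened handler that derives identity from the session.
// All identifiers, tokens and data below are hypothetical and constructed.

interface Conversation {
  id: string;
  ownerProfileId: string;
  messages: string[];
}

type Store = Map<string, Conversation>;

// Constructed sample data: two users, one conversation each.
function makeStore(): Store {
  return new Map<string, Conversation>([
    ["conv-alice", { id: "conv-alice", ownerProfileId: "profile-alice", messages: ["hi"] }],
    ["conv-bob", { id: "conv-bob", ownerProfileId: "profile-bob", messages: ["hello"] }],
  ]);
}

// Request body as sent by the client. Every field is attacker-controlled.
interface ChatRequest {
  profile_id?: string;
  conversation_id: string;
  message: string;
}

interface Reply {
  status: number;
  body: string;
}

// Identity the server established from the bearer token (hypothetical token table
// standing in for real JWT verification).
interface Session {
  profileId: string;
}

const sessionsByToken: Record<string, string> = {
  "token-alice": "profile-alice",
  "token-bob": "profile-bob",
};

function authenticate(authorization?: string): Session | null {
  if (!authorization || !authorization.startsWith("Bearer ")) return null;
  const profileId = sessionsByToken[authorization.slice("Bearer ".length)];
  return profileId ? { profileId } : null;
}

// VULNERABLE PATTERN: ownership is checked against profile_id from the body, so
// anyone who learns a victim's profile_id (disclosed in shared conversations)
// can write into the victim's chat and spend the victim's credits.
function vulnerableChat(store: Store, req: ChatRequest): Reply {
  const conv = store.get(req.conversation_id);
  if (!conv) return { status: 404, body: "not found" };
  if (conv.ownerProfileId !== req.profile_id) return { status: 403, body: "forbidden" };
  conv.messages.push(req.message);
  return { status: 200, body: "ok" };
}

// HARDENED: the acting profile comes only from the verified session. A body
// profile_id is tolerated for compatibility but must match the session, and the
// conversation must belong to that profile. Missing and foreign conversations get
// the same 404 so the endpoint cannot be used to enumerate other users' chats.
function hardenedChat(store: Store, authorization: string | undefined, req: ChatRequest): Reply {
  const session = authenticate(authorization);
  if (!session) return { status: 401, body: "unauthenticated" };
  if (req.profile_id !== undefined && req.profile_id !== session.profileId) {
    // Worth alerting on: a client claiming another identity is a probe for this IDOR.
    return { status: 403, body: "profile_id does not match session" };
  }
  const conv = store.get(req.conversation_id);
  if (!conv || conv.ownerProfileId !== session.profileId) {
    return { status: 404, body: "not found" };
  }
  conv.messages.push(req.message);
  return { status: 200, body: "ok" };
}
```

The difference is where identity comes from: `vulnerableChat` accepts any `profile_id` the caller types, so knowing a victim's identifier is enough to append to their conversation, whereas `hardenedChat` ignores the body for identity, rejects a body `profile_id` that disagrees with the session, and still checks that the conversation belongs to the authenticated profile.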

## Vulnerability affected

   This vulnerability affects any user of https://telegai.com. A victim's chat credits can also be consumed by the attacker, since requests made against the victim's conversation are billed to the victim.
File snapshot

[4.0K] /data/pocs/491b58d1bfcc57acf902ee8daedf72c8973ff1f2
├── [218K] figure1.png
└── [1.4K] README.md

0 directories, 2 files