Unrated severityNVD Advisory· Published Nov 5, 2025· Updated Nov 6, 2025

CVE-2025-63417

Description

A Stored Cross-Site Scripting (XSS) vulnerability in the chat functionality of the SelfBest platform 2023.3 allows authenticated attackers to inject arbitrary web scripts or HTML via the chat message input field. This malicious content is stored and then executed in the context of other users' browsers when they view the malicious message, potentially leading to session hijacking, account takeover, or other client-side attacks.

Affected products

SelfBest platform/SelfBest platformdescription
SelfBest/SelfBestllm-fuzzy
Range: <=2023.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

rohitchaudhary045.medium.com/cve-2025-63417-the-chatroom-compromise-stored-xss-in-selfbest-platform-f34ddcd984eamitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000