Vulnerability	Vulnerable Version
M Open Redirect @lobehub/chat is a Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application. Affected versions of this package are vulnerable to Open Redirect via the OIDC redirect handling process. An attacker can cause users to be redirected to arbitrary domains by injecting malicious values into the `X-Forwarded-Host` or `X-Forwarded-Proto` headers. This is only exploitable if the deployment's reverse proxy forwards client-supplied X-Forwarded-* headers to the origin as-is, or if the origin trusts these headers without validation. How to fix Open Redirect? Upgrade `@lobehub/chat` to version 1.130.1 or higher.	<1.130.1
H Cross-site Scripting (XSS) @lobehub/chat is a Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the `SVGRender` component, which uses `dangerouslySetInnerHTML` to render SVG content from chat messages. An attacker can execute arbitrary code on the user's machine by injecting malicious SVG payloads into chat messages that trigger privileged IPC API calls. How to fix Cross-site Scripting (XSS)? Upgrade `@lobehub/chat` to version 1.129.4 or higher.	<1.129.4

Open Redirect

@lobehub/chat is a Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application.

Affected versions of this package are vulnerable to Open Redirect via the OIDC redirect handling process. An attacker can cause users to be redirected to arbitrary domains by injecting malicious values into the X-Forwarded-Host or X-Forwarded-Proto headers. This is only exploitable if the deployment's reverse proxy forwards client-supplied X-Forwarded-* headers to the origin as-is, or if the origin trusts these headers without validation.

How to fix Open Redirect?

Upgrade @lobehub/chat to version 1.130.1 or higher.

<1.130.1

Cross-site Scripting (XSS)

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the SVGRender component, which uses dangerouslySetInnerHTML to render SVG content from chat messages. An attacker can execute arbitrary code on the user's machine by injecting malicious SVG payloads into chat messages that trigger privileged IPC API calls.

How to fix Cross-site Scripting (XSS)?

Upgrade @lobehub/chat to version 1.129.4 or higher.

<1.129.4

Go back to all versions of this package