CVE-2025-8848 | danny-avila librechat up to 0.7.9 on HTML HTTP GET Request cross site scripting

A vulnerability identified as problematic has been detected in danny-avila librechat up to 0.7.9 on HTML. This impacts an unknown function of the component HTTP GET Request Handler. Performing manipulation results in basic cross site scripting.

This vulnerability is known as CVE-2025-8848. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More