Vulnerability Description
A vulnerability in danny-avila/librechat version 0.7.9 allows for HTML injection via the Accept-Language header. When a logged-in user sends an HTTP GET request with a crafted Accept-Language header, arbitrary HTML can be injected into the <html lang=""> tag of the response. This can lead to potential security risks such as cross-site scripting (XSS) attacks.
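To make the defect concrete, the following added example (not LibreChat's code; all function names are constructed for illustration) shows the vulnerable pattern the description implies, a raw Accept-Language value interpolated into the lang attribute, next to a hardened version that only accepts a syntactically valid language tag, plus a small check a defender can run over request headers to flag values that are not language tags at all.

```javascript
// Added example, not LibreChat's code. Demonstrates the class of bug in
// CVE-2025-8848: rendering <html lang="..."> from a client-controlled header.

// Vulnerable pattern: the first Accept-Language entry lands in the attribute
// unchanged, so a '"' or '<' in the header reaches the HTML response.
function renderLangVulnerable(acceptLanguage) {
  const lang = (acceptLanguage || 'en').split(',')[0].trim();
  return `<html lang="${lang}">`;
}

// Hardened: allow only a BCP 47-shaped tag (letters, digits, hyphens), else
// fall back to a default. Quality parameters like ";q=0.9" are stripped first.
const LANG_TAG = /^[A-Za-z]{2,3}(-[A-Za-z0-9]{1,8})*$/;

function pickLang(acceptLanguage, fallback = 'en') {
  if (typeof acceptLanguage !== 'string') return fallback;
  for (const part of acceptLanguage.split(',')) {
    const tag = part.split(';')[0].trim();
    if (tag.length <= 35 && LANG_TAG.test(tag)) return tag;
  }
  return fallback;
}

// Attribute escaping as a second layer; after LANG_TAG validation the value
// cannot contain these characters, but the renderer should not rely on that.
function escapeAttr(s) {
  return s.replace(/&/g, '&amp;').replace(/"/g, '&quot;')
          .replace(/</g, '&lt;').replace(/>/g, '&gt;');
}

function renderLangSafe(acceptLanguage) {
  return `<html lang="${escapeAttr(pickLang(acceptLanguage))}">`;
}

// Detection helper for access logs or a WAF rule: true when any entry in the
// header is neither "*" nor a syntactically valid language tag.
function isSuspiciousAcceptLanguage(value) {
  if (typeof value !== 'string') return false;
  return value.split(',')
    .map(p => p.split(';')[0].trim())
    .some(tag => tag !== '*' && !LANG_TAG.test(tag));
}

// Constructed sample headers: one normal browser value, one crafted value.
const NORMAL_HEADER = 'fr-CA,fr;q=0.9,en;q=0.8';
const CRAFTED_HEADER = 'xx"><b>injected</b>';
```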
CVSS Score
5.4 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Librechat | Librechat | 0.7.9 |
Related Weaknesses (CWE)
References
- https://huntr.com/bounties/a05ebc1f-882a-4adc-b178-d3cefa4b730e (Exploit, Third Party Advisory)
FAQ
What is CVE-2025-8848?
CVE-2025-8848 is a vulnerability with a CVSS score of 5.4 (MEDIUM). A vulnerability in danny-avila/librechat version 0.7.9 allows for HTML injection via the Accept-Language header. When a logged-in user sends an HTTP GET request with a crafted Accept-Language header, ...
How severe is CVE-2025-8848?
CVE-2025-8848 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2025-8848?
Check the references section above for vendor advisories and patch information. Affected products include: Librechat Librechat (version 0.7.9).