CVE-2025-51863: Self Cross Site Scripting (XSS) vulnerability in ChatGPT Unli (ChatGPTUnli.com) thru 2025-05-26 allows attackers to exec
mediumvulnerabilityLLM-Specific
security
Summary
CVE-2025-51863 is a self XSS (cross-site scripting, where an attacker tricks a user into running malicious code on a website by injecting it into the page) vulnerability in ChatGPT Unli that was present through May 26, 2025. The vulnerability allows attackers to execute arbitrary code (run any commands they want) by uploading a specially crafted SVG file (a type of image format) to the chat interface.
Vulnerability Details
CVSS Score
6.1(medium)
EPSS (30-day exploit probability)
EPSS: 0.0%
Classification
Attack Type
Jailbreak
Attack SophisticationTrivial
Impact (CIA+S)
integrity
AI Component TargetedAPI
Affected Vendors
OpenAI
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-51863
First tracked: February 15, 2026 at 08:50 PM
Classified by LLM (prompt v3) · confidence: 75%