CVE-2025-66450 is a stored cross-site scripting (XSS) vulnerability identified in the LibreChat application, a ChatGPT clone with additional features. The vulnerability exists in versions 0.8.0 and below, where the iconURL parameter in the POST request used to submit user questions is not properly sanitized. This improper neutralization of script-related HTML tags (CWE-80) allows an attacker to inject malicious JavaScript code into chat messages. Because the malicious code is stored, it persists in the chat history and is executed whenever other users view the infected chat. This can be exploited to load external resources, such as trackers, which can compromise the privacy of users by leaking information about their activity or environment. The vulnerability does not require any authentication or privileges, and only requires user interaction in the form of viewing the malicious chat content. The CVSS 4.0 base score of 8.6 reflects the high impact on confidentiality and integrity, with network attack vector, low attack complexity, and no privileges required. The vulnerability is fixed in LibreChat version 0.8.1, where proper input validation and output encoding have been implemented to neutralize script tags in the iconURL parameter. No known exploits are currently reported in the wild, but the potential for privacy invasion and further exploitation through XSS remains significant.

For European organizations, this vulnerability poses a significant risk to user privacy and data integrity. Since LibreChat is a chat platform that may be used for internal communications or customer interactions, exploitation could lead to unauthorized disclosure of sensitive information through trackers or malicious scripts. The stored XSS nature means that once a malicious payload is injected, it can affect multiple users repeatedly, increasing the attack surface. Privacy regulations such as GDPR heighten the impact, as data leakage or tracking without consent can lead to regulatory penalties and reputational damage. Additionally, attackers could leverage this vulnerability to perform session hijacking, credential theft, or deliver further malware, escalating the threat beyond privacy loss. Organizations relying on LibreChat for communication must consider the risk of persistent malicious content and potential lateral movement within their networks.

The primary and most effective mitigation is to upgrade LibreChat to version 0.8.1 or later, where the vulnerability is patched. Organizations should implement strict input validation and output encoding on all user-supplied data, especially parameters like iconURL that are rendered in HTML contexts. Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts and loading of external resources. Monitor chat logs and shared content for suspicious or unexpected HTML/JavaScript code. Educate users about the risks of clicking on untrusted chat links and encourage reporting of unusual behavior. If upgrading immediately is not feasible, consider disabling the sharing feature or restricting it to trusted users only. Regularly audit and scan the application for XSS vulnerabilities using automated tools and penetration testing. Finally, ensure incident response plans include procedures for handling XSS exploitation and data leakage incidents.