Home

Description

DeepSeek V3.2 has a Cross Site Scripting (XSS) vulnerability, which allows JavaScript execution through model-generated SVG content.

PUBLISHED Reserved 2025-10-27 | Published 2025-12-02 | Updated 2025-12-02 | Assigner mitre

References

medium.com/...g-based-xss-in-deepseek-chat-v3-2-db4ebc1f1f28

cve.org (CVE-2025-63872)

nvd.nist.gov (CVE-2025-63872)

Download JSON