Every CVE whose affected-product data names Ai3 Qbibot, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2024-3777 — CVSS 9.8 (critical): The password reset feature of Ai3 QbiBot lacks proper access control, allowing unauthenticated remote attackers to reset any user's…
CVE-2024-3778 — CVSS 7.2 (high): The file upload functionality of Ai3 QbiBot does not properly restrict types of uploaded files, allowing remote attackers with…
CVE-2024-7204 — CVSS 6.1 (medium): Ai3 QbiBot does not properly filter user input, allowing unauthenticated remote attackers to insert JavaScript code into the chat box. Once…