MidnightBSD

Advisories for algonet

CVE-2026-24903

OrcaStatLLM Researcher is an LLM Based Research Paper Generator. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Log Message in the Session Page in OrcaStatLLM-Researcher that allows attackers to inject and execute arbitrary JavaScript code in victims' browsers through malicious research topic inputs.

Products Affected

Vendor Product Version
algonet orcastatllm_researcher 1