PT-2023-29956 · Unknown · Sd-Webui-Infinite-Image-Browsing
Name of the Vulnerable Software and Affected Versions: sd-webui-infinite-image-browsing extension versions before 977815a Description: The issue allows remote attackers to read any local file via the "/file?path=" endpoint in the URL, as demonstrated by reading /proc/self/environ to discover...