Lucene search
K

4 matches found

NVD
NVD
added 2025/03/20 10:15 a.m.25 views

CVE-2024-11045

A Cross-Site WebSocket Hijacking CSWSH vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows an attacker to clone a malicious server extension from a GitHub repository. The vulnerability arises from the lack of proper validation on WebSocket connections at...

9.6CVSS0.00375EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/20 10:10 a.m.28 views

CVE-2024-11045 Cross-Site WebSocket Hijacking (CSWSH) in automatic1111/stable-diffusion-webui

A Cross-Site WebSocket Hijacking CSWSH vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows an attacker to clone a malicious server extension from a GitHub repository. The vulnerability arises from the lack of proper validation on WebSocket connections at...

9.6CVSS0.00375EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/03/20 10:10 a.m.10 views

CVE-2024-11045 Cross-Site WebSocket Hijacking (CSWSH) in automatic1111/stable-diffusion-webui

A Cross-Site WebSocket Hijacking CSWSH vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows an attacker to clone a malicious server extension from a GitHub repository. The vulnerability arises from the lack of proper validation on WebSocket connections at...

9.6CVSS9AI score0.00375EPSS
Exploits1References1
CVE
CVE
added 2025/03/20 10:10 a.m.48 views

CVE-2024-11045

The CVE-2024-11045 CSWSH issue affects automatic1111/stable-diffusion-webui 1.10.0, where lack of validation for WebSocket connections at ws://127.0.0.1:7860/queue/join enables unauthorized actions such as cloning server extensions, running malicious scripts, data exfiltration, and potential DoS....

9.6CVSS9AI score0.00375EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder