3 matches found
CVE-2024-12374
A stored cross-site scripting XSS vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An attacker can upload an HTML file, which the application interprets as content-type application/html. If a victim accesses the malicious link, it will execute arbitrary JavaScript...
CVE-2024-12374 Stored XSS in automatic1111/stable-diffusion-webui
A stored cross-site scripting XSS vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An attacker can upload an HTML file, which the application interprets as content-type application/html. If a victim accesses the malicious link, it will execute arbitrary JavaScript...
CVE-2024-12374
CVE-2024-12374 : Stored XSS in automatic1111/stable-diffusion-webui (git 82a973c). An attacker can upload an HTML file that the app treats as content-type application/html; when a victim visits the malicious link, arbitrary JavaScript runs in the browser. Connected documents confirm the vulnerabi...