4 matches found
CVE-2024-57783
The desktop application in Dot through 0.9.3 allows XSS and resultant command execution because user input and LLM output are appended to the DOM with innerHTML in render.js, and because the Electron window can access Node.js APIs...
CVE-2024-57783
creationtimestamp| type| source ---|---|--- 2025-06-02 14:39:59+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqmyxpo3u5a2 2025-06-02 17:27:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqncetugvy2r...
CVE-2024-57783
The desktop application in Dot through 0.9.3 allows XSS and resultant command execution because user input and LLM output are appended to the DOM with innerHTML in render.js, and because the Electron window can access Node.js APIs...
CVE-2024-57783
The desktop application in Dot through 0.9.3 allows XSS and resultant command execution because user input and LLM output are appended to the DOM with innerHTML in render.js, and because the Electron window can access Node.js APIs...