Lucene search
+L

4 matches found

nvd
nvd
added 2024/06/27 7:15 p.m.33 views

CVE-2024-5820

An unprotected WebSocket connection in the latest version of stitionai/devika commit ecee79f allows a malicious website to connect to the backend and issue commands on behalf of the user. The backend serves all listeners on the given socket, enabling any such malicious website to intercept all...

8.8CVSS0.00788EPSS
Exploits1References1
cvelist
cvelist
added 2024/06/27 6:40 p.m.32 views

CVE-2024-5820 Unprotected WebSocket in stitionai/devika

An unprotected WebSocket connection in the latest version of stitionai/devika commit ecee79f allows a malicious website to connect to the backend and issue commands on behalf of the user. The backend serves all listeners on the given socket, enabling any such malicious website to intercept all...

7.6CVSS0.00788EPSS
Exploits1References1
cve
cve
added 2024/06/27 6:40 p.m.53 views

CVE-2024-5820

CVE-2024-5820 describes an unprotected WebSocket in the stitionai/devika backend (commit ecee79f). This vulnerability allows a malicious website to connect to the backend, issue commands on behalf of the user, and have the backend serve all listeners on the socket, enabling interception of user-b...

8.8CVSS7.7AI score0.00788EPSS
Exploits1References1Affected Software1
vulnrichment
vulnrichment
added 2024/06/27 6:40 p.m.20 views

CVE-2024-5820 Unprotected WebSocket in stitionai/devika

An unprotected WebSocket connection in the latest version of stitionai/devika commit ecee79f allows a malicious website to connect to the backend and issue commands on behalf of the user. The backend serves all listeners on the given socket, enabling any such malicious website to intercept all...

7.6CVSS7.7AI score0.00788EPSS
Exploits1References1
Rows per page
Query Builder