CVE-2025-49833 GHSL-2025-045: GPT-SoVITS Command Injection vulnerability

GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is a command injection vulnerability in the webui.py openslice function. sliceoptroot and slice-inp-path takes user input, which is passed to the openslice function, which concatenates the use...