CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

CNNVD•added 2025/07/07 12:0 a.m.•3 views

dify 跨站脚本漏洞

dify is an open source LLM application development platform from LangGenius Open Source. A cross-site scripting vulnerability exists in versions prior to dify 1.1.3, which stems from uncleared input in the Firefox browser and could lead to cross-site scripting attacks...

8CVSS7.1AI score0.00341EPSS

Exploits1References3

RedhatCVE•added 2025/06/23 8:40 a.m.•5 views

CVE-2025-49149

Dify is an open-source LLM app development platform. In version 1.2.0, there is insufficient filtering of user input by web applications. Attackers can use website vulnerabilities to inject malicious script code into web pages. This may result in a cross-site scripting XSS attack when a user...

6.1CVSS6.2AI score0.00231EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by