3 matches found
CVE-2024-11045
A Cross-Site WebSocket Hijacking CSWSH vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows an attacker to clone a malicious server extension from a GitHub repository. The vulnerability arises from the lack of proper validation on WebSocket connections at...
CVE-2024-11045 Cross-Site WebSocket Hijacking (CSWSH) in automatic1111/stable-diffusion-webui
A Cross-Site WebSocket Hijacking CSWSH vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows an attacker to clone a malicious server extension from a GitHub repository. The vulnerability arises from the lack of proper validation on WebSocket connections at...
CVE-2024-11045
The CVE-2024-11045 CSWSH issue affects automatic1111/stable-diffusion-webui 1.10.0, where lack of validation for WebSocket connections at ws://127.0.0.1:7860/queue/join enables unauthorized actions such as cloning server extensions, running malicious scripts, data exfiltration, and potential DoS....