PT-2024-37182 · Devika · Devika
Name of the Vulnerable Software and Affected Versions: stitutionai/devika version ecee79f Description: The issue arises from an unprotected WebSocket connection, allowing a malicious website to connect to the backend and issue commands on behalf of the user. This enables the malicious website to...