CVE-2025-4022
CVE-2025-4022 concerns web-arena-x webarena up to version 0.2.0. The vulnerability lies in the function HTMLContentEvaluator located at we barena/evaluation_harness/evaluators.py, where manipulation of the argument target["url"] enables code injection. The attack is remote and the exploit has bee...