| عنوان | comfyui 0.3.39 Cross Site Scripting |
|---|
| الوصف | ComfyUI is vulnerable to Cross Site Scripting vulnerability. Attackers can exploit the vulnerability by uploading .svg, .xhtml, etc., files containing the trigerable javascript payloads, which bypasses the patch for CVE-2024-10099. |
|---|
| المصدر | ⚠️ https://gist.github.com/superboy-zjc/96f0d56da584d840ba18355cbea96ac4 |
|---|
| المستخدم | Gavin Zhong (UID 84092) |
|---|
| ارسال | 01/06/2025 12:22 AM (1 سنة منذ) |
|---|
| الاعتدال | 15/06/2025 01:09 AM (14 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 312559 [comfyanonymous comfyui حتى 0.3.39 Incomplete Fix CVE-2024-10099 /upload/image البرمجة عبر المواقع] |
|---|
| النقاط | 16 |
|---|