Enviar #588224: comfyui 0.3.39 Cross Site Scriptinginformación

Títulocomfyui 0.3.39 Cross Site Scripting
DescripciónComfyUI is vulnerable to Cross Site Scripting vulnerability. Attackers can exploit the vulnerability by uploading .svg, .xhtml, etc., files containing the trigerable javascript payloads, which bypasses the patch for CVE-2024-10099.
Fuente⚠️ https://gist.github.com/superboy-zjc/96f0d56da584d840ba18355cbea96ac4
Usuario
 Gavin Zhong (UID 84092)
Sumisión2025-06-01 00:22 (hace 1 Año)
Moderación2025-06-15 01:09 (14 days later)
EstadoAceptado
Entrada de VulDB312559 [comfyanonymous comfyui hasta 0.3.39 Incomplete Fix CVE-2024-10099 /upload/image secuencias de comandos en sitios cruzados]
Puntos16

AnteriorVisión De ConjuntoPróximo

Interested in the pricing of exploits?

See the underground prices here!