Submeter #588224: comfyui 0.3.39 Cross Site Scriptinginformação

Título	comfyui 0.3.39 Cross Site Scripting
Descrição	ComfyUI is vulnerable to Cross Site Scripting vulnerability. Attackers can exploit the vulnerability by uploading .svg, .xhtml, etc., files containing the trigerable javascript payloads, which bypasses the patch for CVE-2024-10099.
Fonte	⚠️ https://gist.github.com/superboy-zjc/96f0d56da584d840ba18355cbea96ac4
Utilizador	Gavin Zhong (UID 84092)
Submissão	01/06/2025 00h22 (há 1 Ano)
Moderação	15/06/2025 01h09 (14 days later)
Estado	Aceite
Entrada VulDB	312559 [comfyanonymous comfyui até 0.3.39 Incomplete Fix CVE-2024-10099 /upload/image Script de Site Cruzado]
Pontos	16

Might our Artificial Intelligence support you?

Check our Alexa App!