| Название | comfyui 0.3.39 Cross Site Scripting |
|---|
| Описание | ComfyUI is vulnerable to Cross Site Scripting vulnerability. Attackers can exploit the vulnerability by uploading .svg, .xhtml, etc., files containing the trigerable javascript payloads, which bypasses the patch for CVE-2024-10099. |
|---|
| Источник | ⚠️ https://gist.github.com/superboy-zjc/96f0d56da584d840ba18355cbea96ac4 |
|---|
| Пользователь | Gavin Zhong (UID 84092) |
|---|
| Представление | 01.06.2025 00:22 (1 Год назад) |
|---|
| Модерация | 15.06.2025 01:09 (14 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 312559 [comfyanonymous comfyui до 0.3.39 Incomplete Fix CVE-2024-10099 /upload/image межсайтовый скриптинг] |
|---|
| Баллы | 16 |
|---|