Security Advisory

CVE-2024-12374

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-20 10:08:49

Last updated 2025-03-20 19:02:09

Assigner @huntr_ai

State PUBLISHED

Description

A stored cross-site scripting (XSS) vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An attacker can upload an HTML file, which the application interprets as content-type application/html. If a victim accesses the malicious link, it will execute arbitrary JavaScript in the victims browser.

← Browse all CVEs View on cve.org ↗