Automatic1111: >> Stable-Diffusion-Webui >> 2024-07-27 Security Vulnerabilities
A stored cross-site scripting (XSS) vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An attacker can upload an HTML file, which the application interprets as content-type application/html. If a victim accesses the malicious link, it will execute arbitrary JavaScript in the victim's browser.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-03-20
A local file inclusion vulnerability was identified in automatic1111/stable-diffusion-webui, affecting version git 82a973c. This vulnerability allows an attacker to read arbitrary files on the system by sending a specially crafted request to the application.
CVSS Score
6.5
EPSS Score
0.003
Published
2025-03-20