CVE-2024-11044

Medium CVSS: 6.1

An open redirect vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This vulnerability can be exploited to conduct phishing attacks, distribute malware, and steal user credentials.

Vendor

Automatic1111

Product

Stable-diffusion-webui

CWE

CWE-601

Yayın Tarihi

2025-03-20 10:15:23

Güncelleme

2025-08-05 16:40:28

Source Identifier

security@huntr.dev

KEV Date Added

Kategoriler

CWE-601 Stable-diffusion-webui MEDIUM Automatic1111 2025

Referanslar

https://huntr.com/bounties/ee942e5e-4987-4f81-ba83-014fec6b33b3

Benzer Kayıtlar

Medium

CVE-2024-12074

A Denial of Service (DoS) vulnerability was discovered in the file upload feature of automatic1111/stable-diffusion-webu…

Medium

CVE-2024-12374

A stored cross-site scripting (XSS) vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An…

Medium

CVE-2024-12375

A local file inclusion vulnerability was identified in automatic1111/stable-diffusion-webui, affecting version git 82a97…

Critical

CVE-2024-11045

A Cross-Site WebSocket Hijacking (CSWSH) vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows an…

High

CVE-2024-10935

automatic1111/stable-diffusion-webui version 1.10.0 contains a vulnerability where the server fails to handle excessive…