Medium severity6.1NVD Advisory· Published Mar 20, 2025· Updated Jun 17, 2026
CVE-2024-12374
CVE-2024-12374
Description
A stored cross-site scripting (XSS) vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An attacker can upload an HTML file, which the application interprets as content-type application/html. If a victim accesses the malicious link, it will execute arbitrary JavaScript in the victim's browser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2git 82a973c+ 1 more
- (no CPE)range: git 82a973c
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- huntr.com/bounties/3dae386a-f442-4be6-87ef-956606c8a6acnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.