Description
An open redirect vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This vulnerability can be exploited to conduct phishing attacks, distribute malware, and steal user credentials.
CVSS breakdown
CVSS 3.0
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None
Affected products
- AUTOMATIC1111 / automatic1111/stable-diffusion-webuiunspecified – latest
Exploits & PoCs
- nucleiStable Diffusion Webui 1.10.0 - Open Redirectby DhiyaneshDK