CVE-2024-48057 - CERT CVE

  1. CVE-2024-48057

ID CVE-2024-48057
Sažetak localai <=2.20.1 is vulnerable to Cross Site Scripting (XSS). When calling the delete model API and passing inappropriate parameters, it can cause a one-time storage XSS, which will trigger the payload when a user accesses the homepage.
Reference
CVSS
Base: 0.0
Impact: None
Exploitability:None
Pristup
VektorSloženostAutentikacija
None None None
Impact
PovjerljivostCjelovitostDostupnost
None None None
CVSS vektor None
Zadnje važnije ažuriranje 04-11-2024 - 23:15
Objavljeno 04-11-2024 - 23:15