Comfyui
CVE-2024-10099
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
1DescriptionNVD
A stored cross-site scripting (XSS) vulnerability exists in comfyanonymous/comfyui version 0.2.2 and possibly earlier. The vulnerability occurs when an attacker uploads an HTML file containing a malicious XSS payload via the /api/upload/image endpoint. The payload is executed when the file is viewed through the /view API endpoint, leading to potential execution of arbitrary JavaScript code.
AnalysisAI
A stored cross-site scripting (XSS) vulnerability exists in comfyanonymous/comfyui version 0.2.2 and possibly earlier. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. A stored cross-site scripting (XSS) vulnerability exists in comfyanonymous/comfyui version 0.2.2 and possibly earlier. The vulnerability occurs when an attacker uploads an HTML file containing a malicious XSS payload via the /api/upload/image endpoint. The payload is executed when the file is viewed through the /view API endpoint, leading to potential execution of arbitrary JavaScript code. Affected products include: Comfy Comfyui. Version information: version 0.2.2.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.
comfyanonymous/comfyui version v0.2.4 suffers from a non-blind Server-Side Request Forgery (SSRF) vulnerability. Rated h
Path traversal in ComfyUI up to version 0.13.0 allows authenticated remote attackers to read arbitrary files on the serv
Path traversal in ComfyUI up to version 0.13.0 allows authenticated remote attackers to read arbitrary files via manipul
Cross-site request forgery (CSRF) in ComfyUI up to version 0.13.0 allows unauthenticated remote attackers to modify appl
Cross-site scripting (XSS) in ComfyUI up to version 0.13.0 allows authenticated remote attackers to inject malicious scr
Stored cross-site scripting (XSS) in ComfyUI's userdata endpoint (getuserdata function in app/user_manager.py) allows au
A CSRF vulnerability exists in comfyanonymous/comfyui versions up to v0.2.2. Rated medium severity (CVSS 6.5), this vuln
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today