Vulnerabilities > Stitionai
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-24 | CVE-2024-40422 | Path Traversal vulnerability in Stitionai Devika 1.0 The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is susceptible to a path traversal attack. | 9.1 |
2024-07-08 | CVE-2024-5711 | Cross-site Scripting vulnerability in Stitionai Devika A stored Cross-Site Scripting (XSS) vulnerability exists in the stitionai/devika chat feature, allowing attackers to inject malicious payloads into the chat input. | 6.1 |