Vulnerabilities > Stitionai

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-14	CVE-2024-7790	Cross-site Scripting vulnerability in Stitionai Devika A stored cross site scripting vulnerabilities exists in DevikaAI from commit 6acce21fb08c3d1123ef05df6a33912bf0ee77c2 onwards via improperly decoded user input. network low complexity stitionai CWE-79	5.4
2024-08-04	CVE-2024-6331	Injection vulnerability in Stitionai Devika stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable to Local File Read (LFI) by Prompt Injection. network low complexity stitionai CWE-74	6.5
2024-07-24	CVE-2024-40422	Path Traversal vulnerability in Stitionai Devika 1.0 The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is susceptible to a path traversal attack. network low complexity stitionai CWE-22 critical	9.1
2024-07-08	CVE-2024-5711	Cross-site Scripting vulnerability in Stitionai Devika A stored Cross-Site Scripting (XSS) vulnerability exists in the stitionai/devika chat feature, allowing attackers to inject malicious payloads into the chat input. network low complexity stitionai CWE-79	6.1

Vulnerabilities > Stitionai {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Stitionai"}]}