CVE-2024-7790

Summary

A stored cross site scripting vulnerabilities exists in DevikaAI from commit 6acce21fb08c3d1123ef05df6a33912bf0ee77c2 onwards via improperly decoded user input.

Affected Software

VendorProductVersion RangeStatus
DevikiaDevikaAI6acce21fb08c3d1123ef05df6a33912bf0ee77c2 <= currentaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References