CVE-2025-6092

Summary

A vulnerability was found in comfyanonymous comfyui up to 0.3.39. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /upload/image of the component Incomplete Fix CVE-2024-10099. The manipulation of the argument image leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
comfyanonymouscomfyui0.3.0affected
comfyanonymouscomfyui0.3.1affected
comfyanonymouscomfyui0.3.2affected
comfyanonymouscomfyui0.3.3affected
comfyanonymouscomfyui0.3.4affected
comfyanonymouscomfyui0.3.5affected
comfyanonymouscomfyui0.3.6affected
comfyanonymouscomfyui0.3.7affected
comfyanonymouscomfyui0.3.8affected
comfyanonymouscomfyui0.3.9affected
comfyanonymouscomfyui0.3.10affected
comfyanonymouscomfyui0.3.11affected
comfyanonymouscomfyui0.3.12affected
comfyanonymouscomfyui0.3.13affected
comfyanonymouscomfyui0.3.14affected
comfyanonymouscomfyui0.3.15affected
comfyanonymouscomfyui0.3.16affected
comfyanonymouscomfyui0.3.17affected
comfyanonymouscomfyui0.3.18affected
comfyanonymouscomfyui0.3.19affected
comfyanonymouscomfyui0.3.20affected
comfyanonymouscomfyui0.3.21affected
comfyanonymouscomfyui0.3.22affected
comfyanonymouscomfyui0.3.23affected
comfyanonymouscomfyui0.3.24affected
comfyanonymouscomfyui0.3.25affected
comfyanonymouscomfyui0.3.26affected
comfyanonymouscomfyui0.3.27affected
comfyanonymouscomfyui0.3.28affected
comfyanonymouscomfyui0.3.29affected
comfyanonymouscomfyui0.3.30affected
comfyanonymouscomfyui0.3.31affected
comfyanonymouscomfyui0.3.32affected
comfyanonymouscomfyui0.3.33affected
comfyanonymouscomfyui0.3.34affected
comfyanonymouscomfyui0.3.35affected
comfyanonymouscomfyui0.3.36affected
comfyanonymouscomfyui0.3.37affected
comfyanonymouscomfyui0.3.38affected
comfyanonymouscomfyui0.3.39affected

Weaknesses

  • CWE-79: Cross Site Scripting
  • CWE-94: Code Injection

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References