Описание
An open redirect vulnerability in haotian-liu/llava version v1.2.0 (LLaVA-1.6) allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This can be exploited for phishing attacks, malware distribution, and credential theft.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:hliu:llava:1.2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00178
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-601
Связанные уязвимости
CVSS3: 6.1
github
11 месяцев назад
An open redirect vulnerability in haotian-liu/llava version v1.2.0 (LLaVA-1.6) allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This can be exploited for phishing attacks, malware distribution, and credential theft.
EPSS
Процентиль: 39%
0.00178
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-601