Описание
A prompt injection vulnerability exists in Windsurft version 1.10.7 in Write mode using SWE-1 model.
It is possible to create a file name that will be appended to the user prompt causing Windsurf to follow its instructions.
EPSS
Процентиль: 9%
0.00033
Низкий
Дефекты
Связанные уязвимости
github
4 месяца назад
A prompt injection vulnerability exists in Windsurft version 1.10.7 in Write mode using SWE-1 model. It is possible to create a file name that will be appended to the user prompt causing Windsurf to follow its instructions.
EPSS
Процентиль: 9%
0.00033
Низкий