{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-6092", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-06-14T23:08:26.688Z", "datePublished": "2025-06-15T17:31:05.460Z", "dateUpdated": "2025-06-16T16:33:21.100Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-06-15T17:31:05.460Z"}, "title": "comfyanonymous comfyui Incomplete Fix CVE-2024-10099 image cross site scripting", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-79", "lang": "en", "description": "Cross Site Scripting"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "Code Injection"}]}], "affected": [{"vendor": "comfyanonymous", "product": "comfyui", "versions": [{"version": "0.3.0", "status": "affected"}, {"version": "0.3.1", "status": "affected"}, {"version": "0.3.2", "status": "affected"}, {"version": "0.3.3", "status": "affected"}, {"version": "0.3.4", "status": "affected"}, {"version": "0.3.5", "status": "affected"}, {"version": "0.3.6", "status": "affected"}, {"version": "0.3.7", "status": "affected"}, {"version": "0.3.8", "status": "affected"}, {"version": "0.3.9", "status": "affected"}, {"version": "0.3.10", "status": "affected"}, {"version": "0.3.11", "status": "affected"}, {"version": "0.3.12", "status": "affected"}, {"version": "0.3.13", "status": "affected"}, {"version": "0.3.14", "status": "affected"}, {"version": "0.3.15", "status": "affected"}, {"version": "0.3.16", "status": "affected"}, {"version": "0.3.17", "status": "affected"}, {"version": "0.3.18", "status": "affected"}, {"version": "0.3.19", "status": "affected"}, {"version": "0.3.20", "status": "affected"}, {"version": "0.3.21", "status": "affected"}, {"version": "0.3.22", "status": "affected"}, {"version": "0.3.23", "status": "affected"}, {"version": "0.3.24", "status": "affected"}, {"version": "0.3.25", "status": "affected"}, {"version": "0.3.26", "status": "affected"}, {"version": "0.3.27", "status": "affected"}, {"version": "0.3.28", "status": "affected"}, {"version": "0.3.29", "status": "affected"}, {"version": "0.3.30", "status": "affected"}, {"version": "0.3.31", "status": "affected"}, {"version": "0.3.32", "status": "affected"}, {"version": "0.3.33", "status": "affected"}, {"version": "0.3.34", "status": "affected"}, {"version": "0.3.35", "status": "affected"}, {"version": "0.3.36", "status": "affected"}, {"version": "0.3.37", "status": "affected"}, {"version": "0.3.38", "status": "affected"}, {"version": "0.3.39", "status": "affected"}], "modules": ["Incomplete Fix CVE-2024-10099"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in comfyanonymous comfyui up to 0.3.39. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /upload/image of the component Incomplete Fix CVE-2024-10099. The manipulation of the argument image leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "de", "value": "In comfyanonymous comfyui bis 0.3.39 wurde eine problematische Schwachstelle ausgemacht. Hierbei betrifft es unbekannten Programmcode der Datei /upload/image der Komponente Incomplete Fix CVE-2024-10099. Mittels dem Manipulieren des Arguments image mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2025-06-14T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-06-15T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-06-15T01:14:03.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Gavin Zhong (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.312559", "name": "VDB-312559 | comfyanonymous comfyui Incomplete Fix CVE-2024-10099 image cross site scripting", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.312559", "name": "VDB-312559 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.588224", "name": "Submit #588224 | comfyui 0.3.39 Cross Site Scripting", "tags": ["third-party-advisory"]}, {"url": "https://gist.github.com/superboy-zjc/96f0d56da584d840ba18355cbea96ac4", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-16T16:33:09.574670Z", "id": "CVE-2025-6092", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-16T16:33:21.100Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-6092", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-16T16:33:09.574670Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-16T16:33:17.383Z"}}], "cna": {"title": "comfyanonymous comfyui Incomplete Fix CVE-2024-10099 image cross site scripting", "credits": [{"lang": "en", "type": "reporter", "value": "Gavin Zhong (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "comfyanonymous", "modules": ["Incomplete Fix CVE-2024-10099"], "product": "comfyui", "versions": [{"status": "affected", "version": "0.3.0"}, {"status": "affected", "version": "0.3.1"}, {"status": "affected", "version": "0.3.2"}, {"status": "affected", "version": "0.3.3"}, {"status": "affected", "version": "0.3.4"}, {"status": "affected", "version": "0.3.5"}, {"status": "affected", "version": "0.3.6"}, {"status": "affected", "version": "0.3.7"}, {"status": "affected", "version": "0.3.8"}, {"status": "affected", "version": "0.3.9"}, {"status": "affected", "version": "0.3.10"}, {"status": "affected", "version": "0.3.11"}, {"status": "affected", "version": "0.3.12"}, {"status": "affected", "version": "0.3.13"}, {"status": "affected", "version": "0.3.14"}, {"status": "affected", "version": "0.3.15"}, {"status": "affected", "version": "0.3.16"}, {"status": "affected", "version": "0.3.17"}, {"status": "affected", "version": "0.3.18"}, {"status": "affected", "version": "0.3.19"}, {"status": "affected", "version": "0.3.20"}, {"status": "affected", "version": "0.3.21"}, {"status": "affected", "version": "0.3.22"}, {"status": "affected", "version": "0.3.23"}, {"status": "affected", "version": "0.3.24"}, {"status": "affected", "version": "0.3.25"}, {"status": "affected", "version": "0.3.26"}, {"status": "affected", "version": "0.3.27"}, {"status": "affected", "version": "0.3.28"}, {"status": "affected", "version": "0.3.29"}, {"status": "affected", "version": "0.3.30"}, {"status": "affected", "version": "0.3.31"}, {"status": "affected", "version": "0.3.32"}, {"status": "affected", "version": "0.3.33"}, {"status": "affected", "version": "0.3.34"}, {"status": "affected", "version": "0.3.35"}, {"status": "affected", "version": "0.3.36"}, {"status": "affected", "version": "0.3.37"}, {"status": "affected", "version": "0.3.38"}, {"status": "affected", "version": "0.3.39"}]}], "timeline": [{"lang": "en", "time": "2025-06-14T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-06-15T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-06-15T01:14:03.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.312559", "name": "VDB-312559 | comfyanonymous comfyui Incomplete Fix CVE-2024-10099 image cross site scripting", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.312559", "name": "VDB-312559 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.588224", "name": "Submit #588224 | comfyui 0.3.39 Cross Site Scripting", "tags": ["third-party-advisory"]}, {"url": "https://gist.github.com/superboy-zjc/96f0d56da584d840ba18355cbea96ac4", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in comfyanonymous comfyui up to 0.3.39. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /upload/image of the component Incomplete Fix CVE-2024-10099. The manipulation of the argument image leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "de", "value": "In comfyanonymous comfyui bis 0.3.39 wurde eine problematische Schwachstelle ausgemacht. Hierbei betrifft es unbekannten Programmcode der Datei /upload/image der Komponente Incomplete Fix CVE-2024-10099. Mittels dem Manipulieren des Arguments image mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "Cross Site Scripting"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "Code Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-06-15T17:31:05.460Z"}}}, "cveMetadata": {"cveId": "CVE-2025-6092", "state": "PUBLISHED", "dateUpdated": "2025-06-16T16:33:21.100Z", "dateReserved": "2025-06-14T23:08:26.688Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-06-15T17:31:05.460Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in comfyanonymous comfyui up to 0.3.39. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /upload/image of the component Incomplete Fix CVE-2024-10099. The manipulation of the argument image leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en comfyui de comfyanonymous hasta la versi\u00f3n 0.3.39. Se ha declarado problem\u00e1tica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /upload/image del componente Incomplete Fix CVE-2024-10099. La manipulaci\u00f3n del argumento \"image\" provoca cross-site-scripting. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n para informarle sobre esta divulgaci\u00f3n, pero no respondi\u00f3."}], "id": "CVE-2025-6092", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2025-06-15T18:15:19.037", "references": [{"source": "cna@vuldb.com", "url": "https://gist.github.com/superboy-zjc/96f0d56da584d840ba18355cbea96ac4"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.312559"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.312559"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.588224"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-94"}], "source": "cna@vuldb.com", "type": "Secondary"}]}

{}

{}