Product
stitionai devika
11 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-7790
CVE-2024-6331
CVE-2024-40422
CVE-2024-5549
CVE-2024-5711
CVE-2024-5926
CVE-2024-5712
CVE-2024-5820
CVE-2024-5548
CVE-2024-5547
CVE-2024-5334
>= 2024-06-08
A stored cross site scripting vulnerabilities exists in DevikaAI from commit 6acce21fb08c3d1123ef05df6a33912bf0ee77c2 onwards via
>= 2024-05-02
stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable to Local File Read (LFI) by Promp
all versions
The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is susceptible to a path traversal at
all versions
A CORS misconfiguration in the stitionai/devika repository allows attackers to steal sensitive information such as logs, browser s
all versions
A stored Cross-Site Scripting (XSS) vulnerability exists in the stitionai/devika chat feature, allowing attackers to inject malici
all versions
A path traversal vulnerability in the get-project-files functionality of stitionai/devika allows attackers to read arbitrary files
all versions
A Cross-Site Request Forgery (CSRF) vulnerability was identified in the stitionai/devika application, affecting the latest version
all versions
An unprotected WebSocket connection in the latest version of stitionai/devika (commit ecee79f) allows a malicious website to conne
all versions
A directory traversal vulnerability exists in the stitionai/devika repository, specifically within the /api/download-project endpo
all versions
A directory traversal vulnerability exists in the /api/download-project-pdf endpoint of the stitionai/devika repository, affecting
all versions
A local file read vulnerability exists in the stitionai/devika repository, affecting the latest version. The vulnerability is due