CNNVD-202509-3235 Information
CNNVD ID
CNNVD-202509-3235
Related CVE
- CNNVD Published: 2025-09-22
Description (Chinese)
LiquidThemes MagicAI是英国LiquidThemes公司的一个AI软件。 LiquidThemes MagicAI 9.1版本存在安全漏洞,该漏洞源于对dashboard/user/generator/generate-stream端点中prompt参数输入清理不足,可能导致跨站脚本攻击。
Description (English)
LiquidThemes Magicai is an AI software of the British company LiquidThemes. There is a security loophole in version 9.1 of LiquidThemes MagicAI, which results from inadequate clearance of prompt parameters in the dashboard/user/generator/generate-stream endpoint, which may result in a cross-site script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Litestar
Published
2025-09-22
Last Modified
2026-02-24
References
https://codecanyon.net/item/magicai-openai-content-text-image-chat-code-generator-as-saas/45408109 https://access.redhat.com/security/cve/cve-2025-57203
Patch
https://codecanyon.net/item/magicai-openai-content-text-image-chat-code-generator-as-saas/45408109
Share on: