SillyTavern
- <= 1.17.0
A reflected cross-site scripting vulnerability has been identified in SillyTavern versions prior to 1.18.0. This issue arises in the CORS proxy middleware, where an attacker can inject malicious scripts through the 'url' parameter. When the 'fetch' function fails, the error response includes the unescaped URL, creating an opportunity for script execution in the context of the user.
Exploitation of this vulnerability allows for the execution of arbitrary JavaScript in the user's context, potentially leading to the theft of tokens and manipulation of user-visible behavior.
Users are advised to update to SillyTavern version 1.18.0 or later. In addition, avoid including raw user input in HTML error responses without proper sanitization. If it is necessary to echo URLs, ensure they are HTML-escaped or output as plain text. Reinforcing the Content Security Policy can also help mitigate the impact of such reflected injections.
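The mitigation above, as an added example (not SillyTavern's code): an error response that reflects the requested URL unescaped, beside an HTML-escaped variant with a restrictive Content Security Policy and a plain-text variant. All function names, the 502 status, the message wording and the sample URL are assumptions made for illustration.

```javascript
// Added illustration; not SillyTavern source. All names here are hypothetical.

// Escape the characters that are significant in HTML text and attribute contexts.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Weak pattern described in the advisory: the requested URL is placed in an
// HTML error body without escaping, so markup in the URL reaches the browser.
function unsafeErrorResponse(url, error) {
  return {
    status: 502,
    headers: { 'Content-Type': 'text/html; charset=utf-8' },
    body: `<p>Proxy request failed for: ${url} (${error.message})</p>`,
  };
}

// Option 1: keep HTML, escape every reflected value, and send a CSP that
// blocks script execution even if an escaping bug slips in later.
function escapedHtmlErrorResponse(url, error) {
  return {
    status: 502,
    headers: {
      'Content-Type': 'text/html; charset=utf-8',
      'Content-Security-Policy': "default-src 'none'",
      'X-Content-Type-Options': 'nosniff',
    },
    body: `<p>Proxy request failed for: ${escapeHtml(url)} (${escapeHtml(error.message)})</p>`,
  };
}

// Option 2: answer in plain text so the browser never parses the body as HTML.
function plainTextErrorResponse(url, error) {
  return {
    status: 502,
    headers: { 'Content-Type': 'text/plain; charset=utf-8', 'X-Content-Type-Options': 'nosniff' },
    body: `Proxy request failed for: ${url} (${error.message})`,
  };
}

// Constructed sample input: a URL carrying markup, and a generic fetch failure.
const sampleUrl = 'http://example.invalid/<script>marker()</script>';
const sampleError = new Error('fetch failed');
```
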