CVE-2025-59159 | SillyTavern up to 1.13.3 Web User Interface SILLYTAVERN_HOSTWHITELIST_ENABLED origin validation (GHSA-7cxj-w27x-x78q)

A vulnerability classified as critical has been found in SillyTavern up to 1.13.3. This affects an unknown function of the component Web User Interface. Performing manipulation of the argument SILLYTAVERN_HOSTWHITELIST_ENABLED results in origin validation error.

This vulnerability is identified as CVE-2025-59159. The attack can be initiated remotely. There is not any exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More