A cross-site scripting (XSS) vulnerability in all...
Critical severity
Unreviewed
Published
Feb 6, 2024
to the GitHub Advisory Database
•
Updated Feb 6, 2024
Description
Published by the National Vulnerability Database
Feb 6, 2024
Published to the GitHub Advisory Database
Feb 6, 2024
Last updated
Feb 6, 2024
A cross-site scripting (XSS) vulnerability in all versions of the web server component of Allegro AI’s ClearML platform allows a remote attacker to execute a JavaScript payload when a user views the Debug Samples tab in the web UI.
References