Описание
A cross-site scripting (xss) vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to an arbitrary html code. An attacker can send a series of HTTP requests to trigger this vulnerability.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:clear:clearml_enterprise_server:3.22.5-1533:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00347
Низкий
9 Critical
CVSS3
8.2 High
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 9
github
около 1 года назад
A cross-site scripting (xss) vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to an arbitrary html code. An attacker can send a series of HTTP requests to trigger this vulnerability.
EPSS
Процентиль: 57%
0.00347
Низкий
9 Critical
CVSS3
8.2 High
CVSS3
Дефекты
CWE-79