Количество 2
Количество 2
CVE-2024-8556
A stored cross-site scripting (XSS) vulnerability exists in modelscope/agentscope, as of the latest commit 21161fe on the main branch. The vulnerability occurs in the view for inspecting detailed run information, where a user-controllable string (run ID) is appended and rendered as HTML. This allows an attacker to execute arbitrary JavaScript code in the context of the user's browser.
GHSA-6mf6-7j75-2m6f
AgentScope stored cross-site scripting (XSS) vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-8556 A stored cross-site scripting (XSS) vulnerability exists in modelscope/agentscope, as of the latest commit 21161fe on the main branch. The vulnerability occurs in the view for inspecting detailed run information, where a user-controllable string (run ID) is appended and rendered as HTML. This allows an attacker to execute arbitrary JavaScript code in the context of the user's browser. | CVSS3: 6.1 | 0% Низкий | 11 месяцев назад |
| GHSA-6mf6-7j75-2m6f AgentScope stored cross-site scripting (XSS) vulnerability | CVSS3: 6.1 | 0% Низкий | 11 месяцев назад |
Уязвимостей на страницу