8.1 High
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.5%
The UI in DevSpace 4.13.0 allows web sites to execute actions on pods (on behalf of a victim) because of a lack of authentication for the WebSocket protocol. This leads to remote code execution.
github.com/devspace-cloud/devspace/releases/tag/v4.14.0
github.com/devspace-cloud/devspace/tags