3 matches found
CVE-2023-47115
Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting XSS vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary...
CVE-2023-47115 Label Studio XSS Vulnerability on Avatar Upload
Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting XSS vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary...
CVE-2023-47115
creationtimestamp| type| source ---|---|--- 2024-01-23 22:24:16+00:00| published-proof-of-concept| https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x 2024-01-24 00:26:57+00:00| seen| https://t.me/ctinow/172427 2024-02-01 20:16:36+00:00| seen|...