CVE-2021-43775

Aim is an open-source, self-hosted machine learning experiment tracking tool. Versions of Aim prior to 3.1.0 are vulnerable to a path traversal attack. By manipulating variables that reference files with “dot-dot-slash ../” sequences and its variations or by using absolute file paths, it may be...

Aim 跨站脚本漏洞

Aim is an easy-to-use and high-performance open source experiment tracker from Aim Open Source USA. Aim version 3.19.3 suffers from a cross-site scripting vulnerability that stems from incorrect neutralization of inputs during web page generation, which results in susceptibility to cross-site...