2 matches found
CVE-2024-1727 CSRF Vulnerability in gradio-app/gradio
A Cross-Site Request Forgery CSRF vulnerability in gradio-app/gradio allows attackers to upload multiple large files to a victim's system if they are running Gradio locally. By crafting a malicious HTML page that triggers an unauthorized file upload to the victim's server, an attacker can deplete...
CVE-2024-1727
Summary: CVE-2024-1727 describes a CSRF vulnerability in the Gradio application (gradio-app/gradio) that can allow an attacker to trigger unauthorized uploads of large files to a victim’s local Gradio server (gradio/routes.py), potentially exhausting disk space and causing a denial of service. Im...