4 matches found
CVE-2023-6571
A cross-site scripting XSS vulnerability was found in kubeflow's presentation of pipeline cards. This issue may allow an attacker to trick a user into visiting a specially crafted link that could inject malicious HTML into the victim's browser. The highest threat from this vulnerability is to dat...
CVE-2023-6571 Cross-site Scripting (XSS) - Reflected in kubeflow/kubeflow
Cross-site Scripting XSS - Reflected in kubeflow/kubeflow...
CVE-2023-6571 Cross-site Scripting (XSS) - Reflected in kubeflow/kubeflow
Cross-site Scripting XSS - Reflected in kubeflow/kubeflow...
CVE-2023-6571
CVE-2023-6571 is a reflected Cross-site Scripting (XSS) vulnerability in Kubeflow (kubeflow/kubeflow) affecting the presentation of pipeline cards. Root cause per the provided CNVD/Red Hat entries is lack of proper filtering/escaping of the source parameter of user-supplied data, enabling injecti...