Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2024/06/04 12:31 p.m.13 views

aa-prepflow (>=0.1.0 <=0.1.1), agentsociety2 (>=2.0.0 <=2.2.0) +116 more potentially affected by CVE-2024-37063 via ydata-profiling (>=4.0.0 <=4.7.0)

ydata-profiling PYPI version =4.0.0, =0.1.0, =2.0.0, =0.74.0, =1.0.0, =0.1.0, =0.8.0, =0.1.2, =1.0.0, =2.0.1, =2.2.1 - classifier-toolkit =0.1.0 and more Source cves: CVE-2024-37063 Source advisory: OSV:GHSA-2R57-2MRH-GGJV...

7.8CVSS5.5AI score0.00321EPSS
Exploits0
NVD
NVD
added 2024/06/04 12:15 p.m.11 views

CVE-2024-37063

A cross-site scripting XSS vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliocusly crafted report is viewed in the browser...

7.8CVSS7AI score0.00321EPSS
Exploits0References1
CVE
CVE
added 2024/06/04 12:2 p.m.39 views

CVE-2024-37063

CVE-2024-37063 is a cross-site scripting (XSS) vulnerability affecting the open-source library ydata-profiling (versions 3.7.0 and newer). The root cause, as cited by multiple sources, is insufficient sanitization of user-supplied inputs in reports, allowing malicious payloads to execute when a c...

7.8CVSS5.9AI score0.00321EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/04 12:2 p.m.10 views

CVE-2024-37063

A cross-site scripting XSS vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliocusly crafted report is viewed in the browser...

7.8CVSS5.7AI score0.00321EPSS
Exploits0References1
Rows per page
Query Builder