2 matches found
PT-2026-41260
Name of the Vulnerable Software and Affected Versions mlflow versions prior to 3.10.0 Description An authentication bypass occurs when the server is started with authentication enabled --app-name basic-auth and served via uvicorn ASGI. The FastAPI permission middleware only enforces authenticatio...
Cross-site Scripting (XSS)
ansibleguy-webui is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper handling of user input in multiple forms, allowing injection of HTML elements which are then executed by the browser after job actions...