GHSA-8JHR-WPCM-HH4H label-studio vulnerable to Cross-Site Scripting (Reflected) via the label_config parameter.
Summary The vulnerability allows an attacker to inject a malicious script into the context of a web page, which can lead to data theft, unauthorized actions on behalf of the user, and other attacks. Details The vulnerability is reproducible when sending a properly formatted request to the POST...