8 matches found
CVE-2024-48346
xtreme1 = v0.9.1 contains a Server-Side Request Forgery SSRF vulnerability in the /api/data/upload path. The vulnerability is triggered through the fileUrl parameter, which allows an attacker to make arbitrary requests to internal or external systems...
CVE-2024-48346
xtreme1 = v0.9.1 contains a Server-Side Request Forgery SSRF vulnerability in the /api/data/upload path. The vulnerability is triggered through the fileUrl parameter, which allows an attacker to make arbitrary requests to internal or external systems...
CVE-2024-48346
xtreme1 = v0.9.1 contains a Server-Side Request Forgery SSRF vulnerability in the /api/data/upload path. The vulnerability is triggered through the fileUrl parameter, which allows an attacker to make arbitrary requests to internal or external systems...
PT-2024-33086 · Xtreme1 · Xtreme1
Name of the Vulnerable Software and Affected Versions: xtreme1 versions prior to 0.9.2 Description: The issue is related to a Server-Side Request Forgery SSRF vulnerability. It is triggered through the fileUrl parameter in the "/api/data/upload" API endpoint, allowing an attacker to make arbitrar...
Xtreme1 安全漏洞
Xtreme1 is an all-in-one open source platform for multimodal training data open-sourced by Xtreme1. A security vulnerability exists in Xtreme1 v0.9.1 and earlier versions that stems from vulnerability to a server-side request forgery attack that allows an attacker to make arbitrary requests to...
CVE-2024-48346
Affected software: xtreme1
CVE-2024-48346
xtreme1 = v0.9.1 contains a Server-Side Request Forgery SSRF vulnerability in the /api/data/upload path. The vulnerability is triggered through the fileUrl parameter, which allows an attacker to make arbitrary requests to internal or external systems...
CVE-2024-48346
xtreme1 = v0.9.1 contains a Server-Side Request Forgery SSRF vulnerability in the /api/data/upload path. The vulnerability is triggered through the fileUrl parameter, which allows an attacker to make arbitrary requests to internal or external systems...