Vulnerability CVE-2023-6568


Published: 2023-12-07   Modified: 2023-12-14

Description:
Cross-site Scripting (XSS) - Reflected in GitHub repository mlflow/mlflow prior to 2.9.0.

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

Affected software
Lfprojects -> Mlflow 

 References:
https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709
https://github.com/mlflow/mlflow/commit/28ff3f94994941e038f2172c6484b65dc4db6ca1

Copyright 2024, cxsecurity.com

 

Back to Top