CVE-2024-24594

Severity CVSS v4.0:
Pending analysis
Type:
CWE-79 Cross-Site Scripting (XSS)
Publication date:
06/02/2024
Last modified:
15/02/2024

Description

A cross-site scripting (XSS) vulnerability in all versions of the web server component of Allegro AI’s ClearML platform allows a remote attacker to execute a JavaScript payload when a user views the Debug Samples tab in the web UI.<br />

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:clear:clearml:-:*:*:*:*:*:*:*