CVE-2024-9526

CVSS V2 None CVSS V3 None
Description
There exists a stored XSS Vulnerability in Kubeflow Pipeline View web UI. The Kubeflow Web UI allows to create new pipelines. When creating a new pipeline, it is possible to add a description. The description field allows html tags, which are not filtered properly. Leading to a stored XSS. We recommend upgrading past commit 930c35f1c543998e60e8d648ce93185c9b5dbe8d
Overview
  • CVE ID
  • CVE-2024-9526
  • Assigner
  • Google
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-11-18T13:30:21.818Z
  • Last Modified Date
  • 2024-11-18T14:12:09.870Z
References
History
Created Old Value New Value Data Type Notes
2024-11-19 13:41:57 Added to TrackCVE