Vulnerabilities > Clear > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2024-24594 | Cross-site Scripting vulnerability in Clear Clearml A cross-site scripting (XSS) vulnerability in all versions of the web server component of Allegro AI’s ClearML platform allows a remote attacker to execute a JavaScript payload when a user views the Debug Samples tab in the web UI. | 5.4 |
| 2023-12-18 | CVE-2023-6778 | Cross-site Scripting vulnerability in Clear Clearml Server Cross-site Scripting (XSS) - Stored in GitHub repository allegroai/clearml-server prior to 1.13.0. | 5.4 |