Vulnerabilities > Clear > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-06 CVE-2024-24594 Cross-site Scripting vulnerability in Clear Clearml
A cross-site scripting (XSS) vulnerability in all versions of the web server component of Allegro AI’s ClearML platform allows a remote attacker to execute a JavaScript payload when a user views the Debug Samples tab in the web UI.
network
low complexity
clear CWE-79
5.4
2023-12-18 CVE-2023-6778 Unspecified vulnerability in Clear Clearml Server
Cross-site Scripting (XSS) - Stored in GitHub repository allegroai/clearml-server prior to 1.13.0.
network
low complexity
clear
5.4