Vulnerabilities > Zenml > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-30 | CVE-2024-5062 | Unspecified vulnerability in Zenml A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0.57.1. | 6.1 |
| 2024-06-06 | CVE-2024-2035 | Unspecified vulnerability in Zenml An improper authorization vulnerability exists in the zenml-io/zenml repository, specifically within the API PUT /api/v1/users/id endpoint. | 6.5 |
| 2024-06-06 | CVE-2024-2171 | Unspecified vulnerability in Zenml A stored Cross-Site Scripting (XSS) vulnerability was identified in the zenml-io/zenml repository, specifically within the 'logo_url' field. | 4.8 |
| 2024-06-06 | CVE-2024-2383 | Unspecified vulnerability in Zenml A clickjacking vulnerability exists in zenml-io/zenml versions up to and including 0.55.5 due to the application's failure to set appropriate X-Frame-Options or Content-Security-Policy HTTP headers. | 6.1 |