CVE-2021-26924

CVE-2021-26924

EPSS 0.7%

An issue was discovered in Argo CD before 1.8.4. Browser XSS protection is not activated due to the missing XSS protection header.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/argoproj/argo-cd/compare/v1.8.3...v1.8.4 https://github.com/argoproj/argo-cd/security/advisories/GHSA-pg99-h5gc-446r