CVE-2024-9365
Cross-Site Request Forgery (CSRF) in polyaxon/polyaxon
A Cross-Site Request Forgery (CSRF) vulnerability in polyaxon/polyaxon v2.4.0 allows attackers to perform unauthorized actions in the context of the victim's browser. This includes creating projects, model versions, and artifact versions, or changing settings. The impact of this vulnerability includes potential data loss and service disruption.
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected products
polyaxon · polyaxon/polyaxonWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →