A cross-site scripting (XSS) vulnerability in all versions of the web server component of Allegro AI’s ClearML platform allows a remote attacker to execute a JavaScript payload when a user views the Debug Samples tab in the web UI.
An attacker with minimal privilege level (authenticated user) can deliver a malicious payload that is subsequently rendered without proper sanitization in the Debug Samples tab of the ClearML web interface. When another user views this tab, the browser executes the embedded JavaScript code in the context of the application. The vulnerability works remotely over the network without requiring attacker interaction beyond initial payload preparation.
An attacker can hijack a user session, steal sensitive data (tokens, credentials, ML model information), and in a changed context (Scope:Changed) potentially affect resources beyond the victim's direct session. High impact ratings on confidentiality, integrity, and availability indicate the possibility of complete account takeover of the attacked user.
Apply patches available from the vendor according to the references. Additional temporary measures: restrict access to the ClearML web interface exclusively to trusted users and internal networks, monitor activity in the Debug Samples tab for anomalies.
All versions of the web server component of the Allegro AI ClearML platform (as described: 'all versions of the web server component').
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HClear Clearml
APPClearwszystkie wersje
Related vulnerabilities
Brak uwierzytelnienia w komponencie fileserver platformy ClearML
CSRF w ClearML API Server — podszywanie się pod użytkownika
Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s Cle...
A path traversal vulnerability in versions 1.4.0 to 1.14.1 of the client SDK of Allegro AI’s ClearML platform ...
Allegro AI’s open-source version of ClearML stores passwords in plaintext within the MongoDB instance, resulti...