CVE-2024-3575: Cross-site Scripting (XSS) in mindsdb/mindsdb
When a user uploads a csv file that contains an javascript payload a Cross-site Scripting (XSS) is triggered when the file is viewed. This is true for both cloud version and OSS version.
References
Detect and mitigate CVE-2024-3575 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →