Headline
GHSA-93c5-rj2p-w52x: Cross-site Scripting (XSS) in mindsdb/mindsdb
When a user uploads a csv file that contains an javascript payload a Cross-site Scripting (XSS) is triggered when the file is viewed. This is true for both cloud version and OSS version.
Cross-site Scripting (XSS) in mindsdb/mindsdb
Moderate severity GitHub Reviewed Published Apr 16, 2024 to the GitHub Advisory Database • Updated Apr 16, 2024