Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-9365

A Cross-Site Request Forgery (CSRF) vulnerability in polyaxon/polyaxon v2.4.0 allows attackers to perform unauthorized actions in the context of the victim's browser. This includes creating projects, model versions, and artifact versions, or changing settings. The impact of this vulnerability includes potential data loss and service disruption.

Published

2025-03-20T10:15:48.467

Last Modified

2025-03-20T10:15:48.467

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.0: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-352

Affected Vendors & Products

References

https://huntr.com/bounties/cdfa012b-a694-4beb-9a9a-12a9dde07ef9 ([email protected])