CVE-2023-41626 Information
Sep 21, 2023
cve
Description
Gradio v3.27.0 was discovered to contain an arbitrary file upload vulnerability via the /upload interface.
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Reference
https://gist.github.com/impose1/590472eb0544ef1ec36c8a5a40122adb
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
NONE
Base Severity
4.8
Share on: