CVE-2024-37063

Publication date

2024-06-04 12:02:53

Family

HiddenLayer

State

PUBLISHED

Description

A cross-site scripting (XSS) vulnerability in versions 3.7.0 or newer of Ydatas ydata-profiling open-source library allows for payloads to be run when a maliocusly crafted report is viewed in the browser.