Security: HumanSignal/label-studio
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
XSS Vulnerability if `<Choices>` or `<Labels>` are used in labeling configGHSA-6xv9-957j-qfhg published
Feb 22, 2024 by jomboothModerate -
XSS Vulnerability on Data ImportGHSA-fq23-g58m-799r published
Jan 23, 2024 by jomboothModerate -
Hardcoded Django `SECRET_KEY` that can be Abused to Forge Session TokensGHSA-f475-x83m-rx5m published
Nov 8, 2023 by jomboothCritical -
XSS Vulnerability on Avatar UploadGHSA-q68h-xwq5-mm7x published
Jan 23, 2024 by jomboothModerate -
Label Studio SSRF on Import Bypassing `SSRF_PROTECTION_ENABLED` ProtectionsGHSA-p59w-9gqw-wj8r published
Jan 30, 2024 by jomboothModerate -
Object Relational Mapper Leak Vulnerability in Filtering TaskGHSA-6hjj-gq77-j4qw published
Nov 13, 2023 by jomboothHigh -
Nginx alias path traversal allows unauthenticated attackers to read all files on /label_studio/core/GHSA-cpmr-mw4j-99r7 published
Mar 24, 2023 by farioasHigh
Learn more about advisories related to HumanSignal/label-studio in the GitHub Advisory Database