Description

Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. The editor visualization, /visualizations endpoint, can be used to store HTML tags and trigger javascript execution upon edit operation. All supported branches of Galaxy (and more back to release_20.05) were amended with the supplied patches. Users are advised to upgrade. There are no known workarounds for this vulnerability.

INFO

Published Date :

2024-09-20T18:53:01.373Z

Last Modified :

2024-09-20T20:09:40.416Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-42346 vulnerability.

Vendors Products
Galaxyproject
  • Galaxy
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-42346.

URL Resource
https://github.com/galaxyproject/galaxy/security/advisories/GHSA-x6w7-3gwf-qr9r cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact