{"id":"CVE-2024-3575","details":"Cross-site Scripting (XSS) - Stored in mindsdb/mindsdb","aliases":["GHSA-93c5-rj2p-w52x","PYSEC-2024-288"],"modified":"2026-05-20T08:11:27.278841336Z","published":"2024-04-16T00:15:12.930Z","references":[{"type":"EVIDENCE","url":"https://huntr.com/bounties/5f720b48-ddeb-4f2a-830f-a3dd15d5daa2"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mindsdb/mindsdb","events":[{"introduced":"0"},{"last_affected":"fffe99398b867575334f836555ebf7fad8e868ce"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"23.6.3.1"}]}}],"versions":["2.14.0","2.20.1","2.21.0","2.21.1","2.21.2","2.30.0","2.31.0","2.33.0","2.36.0","2.36.0v2","2.37.0","2.38.0","v0.8.8","v0.8.9.1","v1.0.6","v2.0.0","v2.1.0","v2.1.1","v2.1.2","v2.10.0","v2.10.2","v2.11.0","v2.11.1","v2.11.2","v2.14.0","v2.15.0","v2.17.1","v2.2.0","v2.2.1","v2.26.0","v2.27.0","v2.3.0","v2.30.1","v2.35.0","v2.39.0","v2.4.0","v2.40.0","v2.41.0","v2.41.1","v2.41.2","v2.42.0","v2.42.1","v2.42.2","v2.43.0","v2.44.0","v2.45.0","v2.45.1","v2.45.2","v2.5.0","v2.6.0","v2.6.1","v2.7.0","v2.7.1","v2.7.2","v2.8.0","v2.8.1","v2.8.3","v2.9.0","v2.9.1","v22.11.4.0","v22.11.4.1","v22.11.4.2","v22.11.4.3","v22.12.4.0","v22.12.4.2","v22.12.4.3","v22.5.1.2","v23.1.3.0","v23.1.3.1","v23.1.3.2","v23.1.5.0","v23.2.1.0","v23.2.2.0","v23.2.2.1","v23.2.3.0","v23.2.3.1","v23.2.4.0","v23.2.4.1","v23.2.4.2","v23.2.4.3","v23.3.2.0","v23.3.3.0","v23.3.3.1","v23.3.3.2","v23.3.3.3","v23.3.3.4","v23.3.3.5","v23.3.4.0","v23.3.5.0","v23.4.3.0","v23.4.3.1","v23.4.3.2","v23.4.4.0","v23.4.4.1","v23.4.4.2","v23.4.4.3","v23.4.4.4","v23.5.3.1","v23.5.3.2","v23.5.4.1","v23.6.1.1","v23.6.2.0","v23.6.3.0","v23.6.3.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-3575.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}