CVE-2026-23960 | argoproj argo-workflows up to 3.6.16/3.7.7 Artifact Directory Listing cross site scripting (GHSA-cv78-6m8q-ph82)

Inserito da Angelo Barbosa | Gen 22, 2026 | CVE

A vulnerability was found in argoproj argo-workflows up to 3.6.16/3.7.7 and classified as problematic. This affects an unknown function of the component Artifact Directory Listing Handler. Executing a manipulation can lead to cross site scripting.

This vulnerability is tracked as CVE-2026-23960. The attack can be launched remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-23960 | argoproj argo-workflows up to 3.6.16/3.7.7 Artifact Directory Listing cross site scripting (GHSA-cv78-6m8q-ph82)

Post correlati

CVE-2025-34070 | GFI Kerio Control 9.4.5 GFIAgent Service /proxy missing authentication

CVE-2024-10814 | Code Embed Plugin up to 2.5 on WordPress server-side request forgery

CVE-2024-13456 | nmedia Easy Quiz Maker Plugin up to 2.0 on WordPress Shortcode wqt-question cross site scripting

CVE-2025-40599 | SonicWall SMA 100 Web Management Interface unrestricted upload (SNWLID-2025-0014)