CVE-2026-23960 | argoproj argo-workflows up to 3.6.16/3.7.7 Artifact Directory Listing cross site scripting (GHSA-cv78-6m8q-ph82)

Inserito da Angelo Barbosa | Gen 22, 2026 | CVE

A vulnerability was found in argoproj argo-workflows up to 3.6.16/3.7.7 and classified as problematic. This affects an unknown function of the component Artifact Directory Listing Handler. Executing a manipulation can lead to cross site scripting.

This vulnerability is tracked as CVE-2026-23960. The attack can be launched remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-23960 | argoproj argo-workflows up to 3.6.16/3.7.7 Artifact Directory Listing cross site scripting (GHSA-cv78-6m8q-ph82)

Post correlati

CVE-2025-12202 | ajayrandhawa User-Management-PHP-MYSQL web up to fedcf58797bf2791591606f7b61fdad99ad8bff1 cross-site request forgery

CVE-2023-6514 | Huawei AJMD-370S 103.1.0.110(SP12C00E2R1P2) Bluetooth Module logic error

CVE-2023-44381 | October CMS prior 3.4.15 Template injection

CVE-2025-10827 | PHPJabbers Restaurant Menu Maker up to 1.1 /preview.php theme cross site scripting