argocd-image-updater

Vulnerability on argoproj-labs project

Open ankitdn opened this issue 6 months ago • 1 comments

While working with the argoproj-labs project, this vulnerability was identified in the use of Argo CD (a dependency used by argoproj-labs). The vulnerability stems from inadequate filtering of user-inputted URLs, allowing the injection of malicious javascript: protocol handlers. This issue affects users who can edit repository configurations within Argo CD.

CVE Link CVE Report

ankitdn, May 29 '25 13:05
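The class of check the report says is missing, as an added example that is not part of the issue and is not Argo CD's or argocd-image-updater's own code: a scheme allow-list applied to repository URLs before they are stored or rendered as links. The names `ALLOWED_SCHEMES`, `classifyRepoUrl` and `auditRepoUrls`, the chosen scheme list, and the sample URLs are assumptions constructed for illustration.

```javascript
// Added example: allow-list validation for repository URLs (hypothetical names).
// Assumed policy: only these schemes are valid for a repository URL.
const ALLOWED_SCHEMES = new Set(["https:", "http:", "ssh:", "git:", "oci:"]);

// scp-style Git remote with no scheme, e.g. git@github.com:org/repo.git
const SCP_STYLE = /^[A-Za-z0-9_.-]+@[A-Za-z0-9.-]+:[A-Za-z0-9_.\/~-]+$/;

function classifyRepoUrl(input) {
  if (typeof input !== "string" || input.length === 0) {
    return { ok: false, reason: "empty" };
  }
  // URL parsers strip tab/CR/LF and leading control characters, so a value
  // such as "java\tscript:..." still resolves to the javascript: scheme.
  // Reject any control character or whitespace before parsing.
  if (/[\u0000-\u0020\u007f]/.test(input)) {
    return { ok: false, reason: "control-or-whitespace" };
  }
  if (SCP_STYLE.test(input)) {
    return { ok: true, kind: "scp", href: null }; // show as text, never as a link
  }
  let parsed;
  try {
    parsed = new URL(input); // WHATWG parser lower-cases the scheme
  } catch {
    return { ok: false, reason: "unparseable" };
  }
  if (!ALLOWED_SCHEMES.has(parsed.protocol)) {
    return { ok: false, reason: "scheme:" + parsed.protocol };
  }
  // Only http(s) values are ever placed in an href attribute.
  const linkable = parsed.protocol === "https:" || parsed.protocol === "http:";
  return { ok: true, kind: "url", href: linkable ? parsed.href : null };
}

// Audit a list of stored repository URLs and return the rejected entries.
function auditRepoUrls(urls) {
  return urls
    .map((u) => ({ url: u, result: classifyRepoUrl(u) }))
    .filter((e) => !e.result.ok);
}

// Constructed sample input, not taken from any real configuration.
const SAMPLE_REPO_URLS = [
  "https://github.com/example-org/example-repo.git",
  "git@github.com:example-org/example-repo.git",
  "ssh://git@git.example.com/example-org/example-repo.git",
  "JaVaScRiPt:alert(1)",
  "java\tscript:alert(1)",
];
```

Running `auditRepoUrls` over existing repository configurations also works as a detection step for values saved before validation was in place.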