Lucene search
China National Vulnerability DatabaseCNVD-2022-15524HistoryMar 01, 2022 - 12:00 a.m.
Weblate Cross-Site Scripting Vulnerability
2022-03-0100:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
0.001 Low
EPSS
Percentile
40.4%
A cross-site scripting vulnerability exists in Weblate, a Copyleft web-based free software continuous localization system, which stems from the failure of versions prior to 4.11 to properly neutralize user input used in the username and language fields. As a result of this improper neutralization, cross-site scripting could be executed through these fields. No detailed vulnerability details are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| weblate weblate | lt | 4.11 |
Related
osv
osv
CVE-2022-24710
2022-02-25 21:15:08
BIT-weblate-2022-24710
2024-03-06 11:08:18
PYSEC-2022-35
2022-02-25 21:15:00
cve
cve
CVE-2022-24710
2022-02-25 21:15:08
cvelist
cvelist
CVE-2022-24710 Cross-site Scripting in Weblate
2022-02-25 20:50:11
veracode
veracode
Cross-site Scripting (XSS)
2022-02-28 10:11:10
prion
prion
Cross site scripting
2022-02-25 21:15:00
nvd
nvd
CVE-2022-24710
2022-02-25 21:15:08
github
github
Cross-site Scripting in Weblate
2022-02-25 22:18:50