Lucene search
VulnCheckCVELIST:CVE-2024-22048HistoryJan 04, 2024 - 8:39 p.m.
CVE-2024-22048 govuk_tech_docs XSS Vulnerability
2024-01-0420:39:59
CWE-79
VulnCheck
www.cve.org
govuk_tech_docs
xss
vulnerability
versions
2.0.2
3.3.0
cross-site scripting
0.001 Low
EPSS
Percentile
21.4%
govuk_tech_docs versions from 2.0.2 to before 3.3.1 are vulnerable to a cross-site scripting vulnerability. Malicious JavaScript may be executed in the user’s browser if a malicious search result is displayed on the search page.
CNA Affected
[
{
"collectionURL": "https://rubygems.org",
"defaultStatus": "unaffected",
"packageName": "govuk_tech_docs",
"versions": [
{
"lessThan": "3.3.1",
"status": "affected",
"version": "2.0.2",
"versionType": "semver"
}
]
}
]Related
osv
osv
govuk_tech_docs vulnerable to unescaped HTML on search results page
2023-04-11 15:41:30
CVE-2024-22048
2024-01-04 21:15:09
cve
cve
CVE-2024-22048
2024-01-04 21:15:09
prion
prion
Cross site scripting
2024-01-04 21:15:00
github
github
govuk_tech_docs vulnerable to unescaped HTML on search results page
2023-04-11 15:41:30
veracode
veracode
Cross Site Scripting (XSS)
2024-01-05 09:57:26
nvd
nvd
CVE-2024-22048
2024-01-04 21:15:09