Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2024-22414

🗓️ 17 Jan 2024 21:12:15Reported by GoogleType 
osv
 osv🔗 osv.dev👁 8 Views

FlaskBlog app vulnerability CVE-2024-22414. Improper rendering allows execution of arbitrary javascript code. Removing `|safe` tag from `user.html` template is the remedy. No available fix, manual edits required.

Show more
Related
Refs
ReporterTitlePublishedViews
Family
Prion		Design/Logic Flaw
17 Jan 202421:15
prion
NVD		CVE-2024-22414
17 Jan 202421:15
nvd
CVE		CVE-2024-22414
17 Jan 202421:15
cve
Cvelist		CVE-2024-22414 User profile page vulnerable to Cross Site Scripting (XSS) in flaskBlog
17 Jan 202420:25
cvelist

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
17 Jan 2024 21:15Current
7.5High risk
Vulners AI Score7.5
CVSS35.4
EPSS0.00056
flaskblogvulnerabilityimproper renderingarbitrary code executionhtml templateremediationmanual edit
8
.json
Report