3 matches found
CVE-2024-22048
govuktechdocs versions from 2.0.2 to before 3.3.1 are vulnerable to a cross-site scripting vulnerability. Malicious JavaScript may be executed in the user's browser if a malicious search result is displayed on the search page...
CVE-2024-22048
creationtimestamp| type| source ---|---|--- 2024-01-04 22:31:42+00:00| seen| https://t.me/ctinow/163263 2024-01-05 01:35:29+00:00| seen| https://t.me/cibsecurity/74433 2024-01-24 09:41:22+00:00| seen| https://t.me/ctinow/172603...
CVE-2024-22048
CVE-2024-22048 affects govuk_tech_docs up to 3.3.1, with versions 2.0.2–3.3.0 vulnerable to a cross-site scripting (XSS) flaw in the search results page. The root cause is unescaped HTML rendered in search results, enabling malicious JavaScript to execute in a user’s browser when a crafted result...