CVE-2022-38790
Summary : CVE-2022-38790 affects Weave GitOps Enterprise before 0.9.0-rc.5 with a cross-site scripting (XSS) vulnerability in the UI. An attacker can inject a javascript: link into the UI, which, when clicked by a victim, executes with the victim’s permissions. The exposure is surfaced in the Git...