Lucene search
Veracode Vulnerability DatabaseVERACODE:34435HistoryFeb 28, 2022 - 10:11 a.m.
Cross-site Scripting (XSS)
2022-02-2810:11:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
0.001 Low
EPSS
Percentile
40.4%
weblate is vulnerable to cross-site scripting. An attacker is able to inject malicious script via user name and language parameters because user inputs were not escaped.
References
github.com/advisories/GHSA-6jp6-9rf9-gc66
github.com/WeblateOrg/weblate/commit/22d577b1f1e88665a88b4569380148030e0f8389
github.com/WeblateOrg/weblate/commit/9e19a8414337692cc90da2a91c9af5420f2952f1
github.com/WeblateOrg/weblate/commit/f6753a1a1c63fade6ad418fbda827c6750ab0bda
github.com/WeblateOrg/weblate/security/advisories/GHSA-6jp6-9rf9-gc66
Related
cve
cve
CVE-2022-24710
2022-02-25 21:15:08
osv
osv
BIT-weblate-2022-24710
2024-03-06 11:08:18
CVE-2022-24710
2022-02-25 21:15:08
PYSEC-2022-35
2022-02-25 21:15:00
cvelist
cvelist
CVE-2022-24710 Cross-site Scripting in Weblate
2022-02-25 20:50:11
prion
prion
Cross site scripting
2022-02-25 21:15:00
nvd
nvd
CVE-2022-24710
2022-02-25 21:15:08
github
github
Cross-site Scripting in Weblate
2022-02-25 22:18:50
cnvd
cnvd
Weblate Cross-Site Scripting Vulnerability
2022-03-01 00:00:00