Go back

govuk_tech_docs XSS Vulnerability

severity
medium
date
Affecting
  • govuk_tech_docs versions starting at 2.0.2 up to 3.3.1

CVE
CVE-2024-22048
CVE type
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS
5.8
CVSS V3 Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L