Skip to main content

Gitops

1 CVEs product

Monthly

CVE-2022-38790 MEDIUM POC This Month

Weave GitOps Enterprise before 0.9.0-rc.5 has a cross-site scripting (XSS) bug allowing a malicious user to inject a javascript: link in the UI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Gitops
NVD
CVSS 3.1
5.4
EPSS
0.7%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Weave GitOps Enterprise before 0.9.0-rc.5 has a cross-site scripting (XSS) bug allowing a malicious user to inject a javascript: link in the UI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Gitops
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy