CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-38522

Hush Line is a free and open-source, anonymous-tip-line-as-a-service for organizations or individuals. The CSP policy applied on the `tips.hushline.app` website and bundled by default in this repository is trivial to bypass. This vulnerability has been patched in version 0.1.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.0%

CVSS Severity

CVSS v3 Score 6.3

References

https://github.com/scidsg/hushline/commit/2bbeae78a24ca2cd893f32a1812f5f6634cb21b6
https://github.com/scidsg/hushline/security/advisories/GHSA-r85c-95x7-4h7q
https://github.com/scidsg/hushline/commit/2bbeae78a24ca2cd893f32a1812f5f6634cb21b6
https://github.com/scidsg/hushline/security/advisories/GHSA-r85c-95x7-4h7q

Products affected by CVE-2024-38522

Hushline » Hush Line » Version: Any

cpe:2.3:a:hushline:hush_line:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-38522

Products

Pricing

Contact Us