CVE-2024-38522
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-38522
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38522.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-38522
- Aliases
-
- GHSA-r85c-95x7-4h7q
- Published
- 2024-06-28T17:03:19.661Z
- Modified
- 2025-11-30T09:46:55.931687Z
- Severity
-
- 6.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L CVSS Calculator
- Summary
- CSP bypass in Hush Line
- Details
-
Hush Line is a free and open-source, anonymous-tip-line-as-a-service for organizations or individuals. The CSP policy applied on the
tips.hushline.appwebsite and bundled by default in this repository is trivial to bypass. This vulnerability has been patched in version 0.1.0. - Database specific
{ "cwe_ids": [ "CWE-183" ], "cna_assigner": "GitHub_M", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38522.json" }- References