CVE-2022-4642

Name of the Vulnerable Software and Affected Versions tatoeba2 versions prior to prod 2022-10-30

Description A vulnerability was found in the Profile Name Handler component of tatoeba2, which can lead to cross site scripting. The manipulation can be initiated remotely. The exploit has been disclosed to the public and may be used.

Recommendations For versions prior to prod 2022-10-30, upgrade to version prod 2022-10-30 to address this issue. As a temporary workaround, consider restricting access to the Profile Name Handler component until the upgrade is applied.