CVE-2024-33928

Name of the Vulnerable Software and Affected Versions CodeBard's Patron Button and Widgets for Patreon versions n/a through 2.2.0

Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS.

Recommendations For versions n/a through 2.2.0, update to a version later than 2.2.0 to resolve the issue. As a temporary workaround, consider restricting input to prevent malicious scripts from being injected into the web page generation process.