CVE-2024-35644

Name of the Vulnerable Software and Affected Versions Preferred Languages versions through 2.2.2

Description The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to a DOM-Based Cross-site Scripting condition. This allows for potential execution of malicious scripts within the application. The issue affects the way user-supplied data is handled during web page creation, potentially enabling an attacker to inject arbitrary code.

Recommendations Update Preferred Languages to a version later than 2.2.2.