CVE-2024-38521 Information

Description

Hush Line is a free and open-source anonymous-tip-line-as-a-service for organizations or individuals. There is a stored XSS in the Inbox. The input is displayed using the safe Jinja2 attribute and thus not sanitized upon display. This issue has been patched in version 0.1.0.

Reference

https://github.com/scidsg/hushline/security/advisories/GHSA-4v8c-r6h2-fhh3