CVE-2024-38522 Information

Description

Hush Line is a free and open-source anonymous-tip-line-as-a-service for organizations or individuals. The CSP policy applied on the tips.hushline.app website and bundled by default in this repository is trivial to bypass. This vulnerability has been patched in version 0.1.0.

Reference

https://github.com/scidsg/hushline/security/advisories/GHSA-r85c-95x7-4h7q https://github.com/scidsg/hushline/commit/2bbeae78a24ca2cd893f32a1812f5f6634cb21b6