Vulnerabilities > Weave Works

DATE CVE VULNERABILITY TITLE RISK
2022-09-01 CVE-2022-38790 Cross-site Scripting vulnerability in Weave.Works Gitops
Weave GitOps Enterprise before 0.9.0-rc.5 has a cross-site scripting (XSS) bug allowing a malicious user to inject a javascript: link in the UI.
network
low complexity
weave-works CWE-79
5.4