Moderate severityNVD Advisory· Published Aug 8, 2023· Updated Oct 10, 2024
CVE-2023-38758
CVE-2023-38758
Description
Cross Site Scripting vulnerability in wger Project wger Workout Manager v.2.2.0a3 allows a remote attacker to gain privileges via the license_author field in the add-ingredient function in the templates/ingredients/view.html, models/ingredients.py, and views/ingredients.py components.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
wgerPyPI | <= 2.2.0a3 | — |
Affected products
2- wger Project/wger Workout Managerdescription
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.