QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2024-52809

Back to search

CVE-2024-52809

Published: Nov 29, 2024

Modified: Dec 2, 2024

PUBLISHED

Description

vue-i18n is an internationalization plugin for Vue.js. In affected versions vue-i18n can be passed locale messages to `createI18n` or `useI18n`. When locale message ASTs are generated in development mode there is a possibility of Cross-site Scripting attack. This issue has been addressed in versions 9.14.2, and 10.0.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

VendorProductVersions

intlify

vue-i18n

affected
< 9.14.2
affected
>= 10.0.0, < 10.0.5

Weaknesses (CWE)

CWE-79

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now