{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-13T14:35:25.410","vulnerabilities":[{"cve":{"id":"CVE-2024-34061","sourceIdentifier":"security-advisories@github.com","published":"2024-05-02T14:15:10.083","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. In affected versions Input in parameter notification_urls is not processed resulting in javascript execution in the application. A reflected XSS vulnerability happens when the user input from a URL or POST data is reflected on the page without being stored, thus allowing the attacker to inject malicious content. This issue has been addressed in version 0.45.22. Users are advised to upgrade. There are no known workarounds for this vulnerability."},{"lang":"es","value":"changetection.io es un servicio gratuito de detección de cambios de páginas web, observador de sitios web, monitor de reabastecimiento y notificación de código abierto. En las versiones afectadas, la entrada en el parámetro Notification_urls no se procesa, lo que provoca la ejecución de JavaScript en la aplicación. Una vulnerabilidad XSS reflejada ocurre cuando la entrada del usuario desde una URL o datos POST se refleja en la página sin almacenarse, lo que permite al atacante inyectar contenido malicioso. Este problema se solucionó en la versión 0.45.22. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://github.com/dgtlmoon/changedetection.io/commit/c0f000b1d1ce03733460805dbbedde445fe2c762","source":"security-advisories@github.com"},{"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-pwgc-w4x9-gw67","source":"security-advisories@github.com"},{"url":"https://github.com/dgtlmoon/changedetection.io/commit/c0f000b1d1ce03733460805dbbedde445fe2c762","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-pwgc-w4x9-gw67","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}