{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T03:39:48.828","vulnerabilities":[{"cve":{"id":"CVE-2024-55888","sourceIdentifier":"security-advisories@github.com","published":"2024-12-12T20:15:22.017","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Hush Line is an open-source whistleblower management system. Starting in version 0.1.0 and prior to version 0.3.5, the productions server appeared to have been misconfigured and missed providing any content security policy or security headers. This could result in bypassing of cross-site scripting filters. Version 0.3.5 fixed the issue."},{"lang":"es","value":"Hush Line es un sistema de gestión de denunciantes de código abierto. A partir de la versión 0.1.0 y antes de la versión 0.3.5, el servidor de producción parecía estar mal configurado y no proporcionaba ninguna política de seguridad de contenido ni encabezados de seguridad. Esto podía provocar que se eludieran los filtros de Cross-Site Scripting. La versión 0.3.5 solucionó el problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1021"}]}],"references":[{"url":"https://github.com/scidsg/hushline/security/advisories/GHSA-m592-g8qv-hrqx","source":"security-advisories@github.com"}]}}]}