What the vulnerability does

01Description

An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses.

Key dates

02Disclosure timeline

May 26, 2022 CVE published
August 3, 2024 Record updated

Related vulnerabilities

04Related CVE