| Summary | gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting (XSS) injection if `.po` dictionary definition files are corrupted. This vulnerability has been patched in version 2.0.3. As a workaround, control the origin of the definition catalog to prevent the use of this flaw in the definition of plural forms. |
|---|---|
| Publication Date | Aug. 16, 2024, 11:15 a.m. |
| Registration Date | Aug. 26, 2024, 5:02 p.m. |
| Last Update | Aug. 19, 2024, 10 p.m. |