CVE-2024-33670 — Passbolt API before 4.6.2 allows HTML injection in a URL parameter, resulting in custom content being displayed when a user visits the crafted URL. Although the injected content is not executed as Jav — CVE Database · The Intelligence Room