CVE-2024-31013

2024-04-0300:00:00

mitre

www.cve.org

cross site scripting

emlog pro 2.3

arbitrary code execution

crafted payload

remote attackers

homepage vulnerability

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Cross Site Scripting (XSS) vulnerability in emlog version Pro 2.3, allow remote attackers to execute arbitrary code via a crafted payload to the bottom of the homepage in footer_info parameter.

References

github.com/emlog/emlog/issues/291