CVE-2024-31013

2024-04-0304:15:12

[email protected]

web.nvd.nist.gov

cross site scripting

remote attackers

arbitrary code execution

crafted payload

footer info parameter

cve-2024-31013

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Cross Site Scripting (XSS) vulnerability in emlog version Pro 2.3, allow remote attackers to execute arbitrary code via a crafted payload to the bottom of the homepage in footer_info parameter.

References

github.com/emlog/emlog/issues/291