emoncms v11 and later was discovered to contain an information disclosure vulnerability which allows attackers to obtain the web directory path and other information leaked by the server via a crafted web...
5.3CVSS
5.1AI Score
0.001EPSS
Modules/input/Views/schedule.php in Emoncms through 10.2.7 allows XSS via the node...
6.1CVSS
5.9AI Score
0.001EPSS
OpenEnergyMonitor Project Emoncms 9.8.8 is affected by: Cross Site Scripting (XSS). The impact is: Theoretically low, but might potentially enable persistent XSS (user could embed mal. code). The component is: Javascript code execution in "Name", "Location", "Bio" and "Starting Page" fields in the....
5.4CVSS
5.4AI Score
0.001EPSS
An issue was discovered in Emoncms through 9.8.0. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "emoncms-master/Modules/vis/visualisations/compare.php" URL. An attacker could execute arbitrary HTML and script code in a...
6.1CVSS
6.4AI Score
0.002EPSS