CVE-2024-12841

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-12841
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-12841.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-12841
Published
2024-12-20T19:15:06Z
Modified
2025-01-08T15:35:31.933773Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

A vulnerability was found in Emlog Pro up to 2.4.1. It has been classified as problematic. This affects an unknown part of the file /admin/tag.php. The manipulation of the argument keyword leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

References

Affected packages

Git / github.com/emlog/emlog

Affected ranges

Type
GIT
Repo
https://github.com/emlog/emlog
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

5.*

5.3.1

6.*

6.0.0
6.1.0

Other

ci
pro-test-01
pro-test-02

emlog_5.*

emlog_5.1.2
emlog_5.1.3
emlog_5.2.0
emlog_5.2.1
emlog_5.3.0

pro-1.*

pro-1.0.1
pro-1.0.2
pro-1.0.3
pro-1.0.4
pro-1.0.5
pro-1.0.6
pro-1.0.7
pro-1.0.8
pro-1.1.0
pro-1.1.1
pro-1.2.0
pro-1.2.1
pro-1.2.2
pro-1.3.0
pro-1.3.1
pro-1.4.0
pro-1.5.0
pro-1.5.0.new
pro-1.5.1
pro-1.6.0
pro-1.7.0
pro-1.7.1
pro-1.8.0
pro-1.9.0
pro-1.9.1
pro-1.9.2
pro-1.9.3

pro-2.*

pro-2.0.0
pro-2.0.1
pro-2.0.2
pro-2.0.3
pro-2.1.0
pro-2.1.1
pro-2.1.10
pro-2.1.11
pro-2.1.12
pro-2.1.13
pro-2.1.14
pro-2.1.15
pro-2.1.2
pro-2.1.3
pro-2.1.4
pro-2.1.5
pro-2.1.6
pro-2.1.7
pro-2.1.8
pro-2.1.9
pro-2.2.0
pro-2.2.1
pro-2.2.10
pro-2.2.11
pro-2.2.2
pro-2.2.3
pro-2.2.4
pro-2.2.5
pro-2.2.6
pro-2.2.7
pro-2.2.8
pro-2.2.9
pro-2.3.0
pro-2.3.1
pro-2.3.10
pro-2.3.11
pro-2.3.12
pro-2.3.13
pro-2.3.14
pro-2.3.15
pro-2.3.16
pro-2.3.17
pro-2.3.18
pro-2.3.2
pro-2.3.3
pro-2.3.4
pro-2.3.5
pro-2.3.6
pro-2.3.7
pro-2.3.8
pro-2.3.9
pro-2.4.0
pro-2.4.1