CVE-2024-50637

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-50637
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50637.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-50637
Aliases
Published
2024-11-06T17:15:20Z
Modified
2025-05-24T03:23:00.883540Z
Summary
[none]
Details

UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting (XSS) in the Create User function. This allows attackers to perform XSS via an SVG document, which can be used to steal cookies.

References

Affected packages

Git / github.com/unopim/unopim

Affected ranges

Type
GIT
Repo
https://github.com/unopim/unopim
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

v0.*

v0.1.0
v0.1.1
v0.1.2
v0.1.3