OpenEnergyMonitor Emoncms 9.8.8

CPE Details

OpenEnergyMonitor Emoncms 9.8.8
openenergymonitor
emoncms
9.8.8
2019-07-15
12h26 +00:00
2019-07-15
12h26 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:openenergymonitor:emoncms:9.8.8:*:*:*:*:*:*:*

Informations

Vendor

openenergymonitor

Product

emoncms

Version

9.8.8

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-26716 2021-02-21 04h53 +00:00 Modules/input/Views/schedule.php in Emoncms through 10.2.7 allows XSS via the node parameter.
6.1
Medium
CVE-2019-1010008 2019-07-14 23h54 +00:00 OpenEnergyMonitor Project Emoncms 9.8.8 is affected by: Cross Site Scripting (XSS). The impact is: Theoretically low, but might potentially enable persistent XSS (user could embed mal. code). The component is: Javascript code execution in "Name", "Location", "Bio" and "Starting Page" fields in the "My Account" page. File: Lib/listjs/list.js, line 67. The attack vector is: unknown, victim must open profile page if persistent was possible.
5.4
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.