Emlog · Emlog · CVE-2025-47784
Name of the Vulnerable Software and Affected Versions:
Emlog versions 2.5.13 and earlier
Description:
Emlog is an open source website building system. The system has a deserialization issue. A user can create a carefully crafted nickname, causing `str_replace` to replace the value of `name_orig` with an empty value. This results in deserialization failing and returning `false`.
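The failure mode described above, shown as an added example that is not Emlog's code: a string replacement applied to already serialized text leaves the `s:N` length prefix stale, so `unserialize()` fails. Only `name_orig` comes from the advisory; the array layout, the `TOKEN` value and the function names are assumptions made for illustration.

```php
<?php
// Added illustration, not Emlog's code. The field name `name_orig` is taken
// from the advisory; the array layout, TOKEN and all function names are
// constructed for this example.

const TOKEN = '{{site}}'; // hypothetical token the application strips out

// Fragile pattern: edit the serialized text after serialize().
// serialize() has already written s:8:"{{site}}"; removing the token leaves
// s:8:"" behind, and the declared length no longer matches the data.
function store_fragile(array $user): string
{
    return str_replace(TOKEN, '', serialize($user));
}

// Safer pattern: edit the values first, then serialize, so every s:N
// length prefix is computed from the final string.
function store_safe(array $user): string
{
    $clean = array_map(
        fn($v) => is_string($v) ? str_replace(TOKEN, '', $v) : $v,
        $user
    );
    return serialize($clean);
}

// Reader-side check: treat a failed unserialize() as an error instead of
// passing `false` on to code that expects an array.
function load(string $blob): ?array
{
    $data = @unserialize($blob, ['allowed_classes' => false]);
    return is_array($data) ? $data : null;
}

// Constructed record whose nickname consists only of the stripped token.
$user = ['name_orig' => TOKEN, 'uid' => 7];

foreach (['fragile' => store_fragile($user), 'safe' => store_safe($user)] as $label => $blob) {
    echo $label, ': ', $blob, PHP_EOL;
    var_dump(load($blob));
}
```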
Recommendations:
For Emlog versions 2.5.13 and earlier, update to a version that includes the fix from commit 9643250802188b791419e3c2188577073256a8a2 to resolve the issue.