CVE-2019-20376

Name of the Vulnerable Software and Affected Versions ELOG version 3.1.4

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via a crafted SVG document to elogd.c. This could potentially lead to unauthorized actions on the affected system.

Recommendations For ELOG version 3.1.4, update to a newer version that contains a fix for this issue, as using a crafted SVG document could lead to the injection of arbitrary web script or HTML. At the moment, there is no information about a newer version that contains a fix for this vulnerability.