PT-2022-11279 · Emlog Pro · Emlog Pro

Blackqvq

Published

2022-06-09

Updated

2022-06-15

CVE-2021-40610

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Emlog Pro version 1.0.4

Description The issue is related to cross-site scripting (XSS) in the background management of Emlog Pro. Cross-site scripting (XSS) is a type of security vulnerability that occurs when an attacker is able to inject malicious scripts into a website, which are then executed by the user's browser. This can allow the attacker to steal user data, take control of the user's session, or perform other malicious actions.

Recommendations For Emlog Pro version 1.0.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2021-40610

Affected Products

Emlog Pro

PT-2022-11279 · Emlog Pro · Emlog Pro

CVE-2021-40610

Weakness Enumeration

Related Identifiers

Affected Products

References · 4