{"id":"CVE-2021-44584","details":"Cross-site scripting (XSS) vulnerability in index.php in emlog version \u003c= pro-1.0.7 allows remote attackers to inject arbitrary web script or HTML via the s parameter.","modified":"2026-04-10T04:41:26.566738Z","published":"2022-01-06T13:15:08.133Z","references":[{"type":"FIX","url":"https://github.com/emlog/emlog/issues/113"},{"type":"FIX","url":"https://github.com/emlog/emlog/commit/3f89610f721120ded3ff491cb9cd99d9927c7582"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/emlog/emlog","events":[{"introduced":"0"},{"last_affected":"0e2022d8217696cab76c9b41b5b322718f72c3df"},{"fixed":"3f89610f721120ded3ff491cb9cd99d9927c7582"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.0.7"}]}}],"versions":["5.3.1","6.0.0","6.1.0","emlog_5.1.2","emlog_5.2.0","emlog_5.2.1","emlog_5.3.0","pro-1.0.1","pro-1.0.2","pro-1.0.3","pro-1.0.4","pro-1.0.5","pro-1.0.6","pro-1.0.7"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-44584.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}