CVE-2024-41809

Published
View on NVD ↗
CVSS v3
7.2
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

OpenObserve is an open-source observability platform. Starting in version 0.4.4 and prior to version 0.10.0, OpenObserve contains a cross-site scripting vulnerability in line 32 of `openobserve/web/src/views/MemberSubscription.vue`. Version 0.10.0 sanitizes incoming html.

openobserve/openobserve
openobserve/openobserve
Open source observability platform for logs, metrics, traces, frontend monitoring, pipelines and LLM observability. A sophisticated, simple and highly performant alternative to Datadog, Splunk, and Elasticsearch with 140x lower storage costs and single binary deployment.
GitHubGitHub
19.4K