Medium severity6.1NVD Advisory· Published Jul 18, 2018· Updated Jun 17, 2026
CVE-2018-14380
CVE-2018-14380
Description
In Graylog before 2.4.6, XSS was possible in typeahead components, related to components/common/TypeAheadInput.jsx and components/search/QueryInput.ts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.graylog2:graylog2-serverMaven | < 2.4.6 | 2.4.6 |
Affected products
1Patches
Vulnerability mechanics
References
4- www.graylog.org/post/announcing-the-release-of-graylog-2-4-6nvdPatchRelease NotesVendor AdvisoryWEB
- github.com/Graylog2/graylog2-server/pull/4904nvdThird Party AdvisoryWEB
- github.com/advisories/GHSA-38hf-xjmx-jrh8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-14380ghsaADVISORY
News mentions
0No linked articles in our index yet.