VYPR
High severity7.2NVD Advisory· Published Jul 25, 2024· Updated Jun 17, 2026

CVE-2024-41809

CVE-2024-41809

Description

OpenObserve is an open-source observability platform. Starting in version 0.4.4 and prior to version 0.10.0, OpenObserve contains a cross-site scripting vulnerability in line 32 of openobserve/web/src/views/MemberSubscription.vue. Version 0.10.0 sanitizes incoming html.

Affected products

2
  • Openobserve/Openobservellm-fuzzy2 versions
    0.4.4 <= version < 0.10.0+ 1 more
    • (no CPE)range: 0.4.4 <= version < 0.10.0
    • (no CPE)range: >= 0.4.4, < 0.10.0

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.