cvedb.io
CVE-2024-41809
HIGH · CVSS 7.2
EPSS exploitation probability: 0%
Published 2024-07-25T21:15:11.310 · Last modified 2026-06-17T07:48:16.470

Summary

OpenObserve is an open-source observability platform. Starting in version 0.4.4 and prior to version 0.10.0, OpenObserve contains a cross-site scripting vulnerability in line 32 of `openobserve/web/src/views/MemberSubscription.vue`. Version 0.10.0 sanitizes incoming html.

Affected products

openobserve — openobserve

Does this affect you?

Add your gear to cvedb and we'll alert you only when openobserve ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.