CVE-2024-50637

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/unopim/unopim/issues/41", "name": "https://github.com/unopim/unopim/issues/41", "tags": ["Issue Tracking", "Vendor Advisory"], "refsource": ""}, {"url": "https://github.com/unopim/unopim/releases/tag/v0.1.4", "name": "https://github.com/unopim/unopim/releases/tag/v0.1.4", "tags": ["Release Notes"], "refsource": ""}, {"url": "https://github.com/yamerooo123/ResearchNBugBountyEncyclopedia/blob/main/Researches/Unopim/Findings.md", "name": "https://github.com/yamerooo123/ResearchNBugBountyEncyclopedia/blob/main/Researches/Unopim/Findings.md", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting (XSS) in the Create User function. This allows attackers to perform XSS via an SVG document, which can be used to steal cookies."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-50637", "ASSIGNER": "cve@mitre.org"}}, "impact": {}, "publishedDate": "2024-11-06T17:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:webkul:unopim:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "0.1.4"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-06-24T16:56Z"}