CVE-2019-1010008

Name: CVE-2019-1010008
Creator: NVD / NIST
Published: 2019-07-15T02:15:10.433+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.90%

Last modified Jun 17, 2026

CVE-2019-1010008 is a vulnerability of currently unknown severity. OpenEnergyMonitor Project Emoncms 9.8.8 is affected by: Cross Site Scripting (XSS). The impact is: Theoretically low, but might potentially enable persistent XSS (user could embed mal. EPSS estimates a 0.90% chance of exploitation in the next 30 days.

Description

OpenEnergyMonitor Project Emoncms 9.8.8 is affected by: Cross Site Scripting (XSS). The impact is: Theoretically low, but might potentially enable persistent XSS (user could embed mal. code). The component is: Javascript code execution in "Name", "Location", "Bio" and "Starting Page" fields in the "My Account" page. File: Lib/listjs/list.js, line 67. The attack vector is: unknown, victim must open profile page if persistent was possible.

Metrics

EPSS Probability

0.90%

55.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-79

Affected Software

Vendor	Product	Versions
Openenergymonitor	Emoncms	9.8.8

References

https://github.com/emoncms/emoncms/issues/763Exploit, Third Party Advisory
https://github.com/emoncms/emoncms/issues/763Exploit, Third Party Advisory

Timeline

Published: Jul 15, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-1010008?

How severe is CVE-2019-1010008?

Severity scoring for CVE-2019-1010008 is pending analysis. The EPSS model estimates a 0.90% probability of exploitation in the next 30 days.

How do I fix CVE-2019-1010008?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-1010008?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST