MEDIUM
Openenergymonitor
CVE published 2017-02-12
CVE-2017-5964
CVE-2017-5964 is a cross-site scripting issue in Emoncms through 9.8.0. The problem is tied to insufficient filtering of user-supplied HTTP GET parameters in the compare.php visualization endpoint, allowing attacker-controlled HTML or script to run in the context of the vulnerable site. NVD rates the issue as medium severity with network reachability, no privileges required, and user interaction required.