RSS   Vulnerabilities for 'Oneblog'   RSS

2022-01-25
 
CVE-2021-46085

CWE-276
 

 
OneBlog <= 2.2.8 is vulnerable to Insecure Permissions. Low level administrators can delete high-level administrators beyond their authority.

 
2022-01-19
 
CVE-2021-46025

CWE-79
 

 
A Cross SIte Scripting (XSS) vulnerability exists in OneBlog <= 2.2.8. via the add function in the operation tab list in the background.

 


Copyright 2024, cxsecurity.com

 

Back to Top