RSS   Podatności dla 'Blog mini'   RSS

2021-08-27
 
CVE-2020-18998

CWE-79
 

 
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/add'.

 
 
CVE-2020-18999

CWE-79
 

 
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/submit-articles'.

 
2019-03-14
 
CVE-2019-9765

 

 
In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to app/templates/_article_comments.html.

 


Copyright 2024, cxsecurity.com

 

Back to Top