Lucene search
HistoryMay 22, 2024 - 5:15 a.m.
CVE-2024-31395
cross-site scripting
a-blog cms
versions
privilege escalation
web browser
exploitation
Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12, Ver.3.0.x series versions prior to Ver.3.0.32, Ver.2.11.x series versions prior to Ver.2.11.61, Ver.2.10.x series versions prior to Ver.2.10.53, and Ver.2.9 and earlier versions. If this vulnerability is exploited, a user with an editor or higher privilege who can log in to the product may execute an arbitrary script on the web browser of the user who accessed the schedule management page.
Related
vulnrichment
vulnrichment
CVE-2024-31395
2024-05-22 04:35:37
cvelist
cvelist
CVE-2024-31395
2024-05-22 04:35:37
cve
cve
CVE-2024-31395
2024-05-22 05:15:53
jvn
jvn
JVN#70977403: Multiple vulnerabilities in a-blog cms
2024-04-10 00:00:00