CVE-2025-2340 otale Tale Blog Site Settings save saveOptions cross site scripting

A vulnerability was found in otale Tale Blog 2.0.5. It has been declared as problematic. This vulnerability affects the function saveOptions of the file /options/save of the component Site Settings. The manipulation of the argument Site Title leads to cross site scripting. The attack can be...

CVE-2025-2340 otale Tale Blog Site Settings save saveOptions cross site scripting

A vulnerability was found in otale Tale Blog 2.0.5. It has been declared as problematic. This vulnerability affects the function saveOptions of the file /options/save of the component Site Settings. The manipulation of the argument Site Title leads to cross site scripting. The attack can be...

CVE-2025-2340

Summary (CVE-2025-2340): A cross-site scripting flaw affects Tale Blog 2.0.5, specifically the Site Settings component: the function /options/save.saveOptions accepts a manipulated Site Title, enabling remote XSS. The vulnerability’s root cause is input handling in the Site Title argument, leadin...

CVE-2025-2339

A vulnerability was found in otale Tale Blog 2.0.5. It has been classified as problematic. This affects an unknown part of the file /%61dmin/api/logs. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public an...

CVE-2025-2339 otale Tale Blog logs improper authentication

A vulnerability was found in otale Tale Blog 2.0.5. It has been classified as problematic. This affects an unknown part of the file /%61dmin/api/logs. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public an...

CVE-2025-2339 otale Tale Blog logs improper authentication

A vulnerability was found in otale Tale Blog 2.0.5. It has been classified as problematic. This affects an unknown part of the file /%61dmin/api/logs. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public an...

CVE-2025-2339

Summary of CVE-2025-2339 (otale Tale Blog 2.0.5): A vulnerability involving improper authentication was reported in Tale Blog 2.0.5. The issue affects an unknown part of the file /%61dmin/api/logs. It can be exploited remotely, and public exploitation is noted in the sources. The vulnerability is...

Tale Blog 授权问题漏洞

Tale Blog is a Java blog open-sourced by Tale Blog System. An authorization issue vulnerability exists in Tale Blog version 2.0.5, which stems from improper authentication and could lead to remote attacks...

Tale Blog 代码注入漏洞

Tale Blog is a Java blog open-sourced by Tale Blog System. A code injection vulnerability exists in Tale Blog version 2.0.5, which originates from cross-site scripting and could lead to remote attacks...

CVE-2025-24066

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review 2025-04-01 01:31:46+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9810...

CVE-2025-24075

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review...

CVE-2025-24996

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review 2025-03-11 18:42:35+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7218 2025-03-11 20:08:36+00:00| seen| https://t.me/cvedetector/20120...

CVE-2025-24046

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review...

CVE-2025-24048

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review...

CVE-2025-24049

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review 2025-03-11 17:48:35+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114145054849122960 2025-03-13 17:45:18+00:00| seen|...

CVE-2025-24072

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review 2025-03-19 02:49:29+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8015...

CVE-2025-24078

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review 2025-03-11 18:42:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7207...

CVE-2025-25008

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review 2025-03-11 20:08:27+00:00| seen| https://t.me/cvedetector/20114...

CVE-2025-26629

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review 2025-03-11 20:08:26+00:00| seen| https://t.me/cvedetector/20112 2025-03-13 17:45:16+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7457...

CVE-2025-26627

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review 2025-03-11 20:08:28+00:00| seen| https://t.me/cvedetector/20115 2025-03-13 17:45:17+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7458...