2 matches found
Apache Roller Cross-Site Request Forgery Vulnerability (CNVD-2024-47716)
Apache Roller is the United States Apache Apache Foundation of a Java-based multi-user open source blogging system . A cross-site request forgery vulnerability exists in Apache Roller versions prior to 6.1.4, which can be exploited by an attacker to elevate privileges...
ruibaby Halo Cross-Site Scripting Vulnerability
ruibaby Halo is a Java-based blogging system. A cross-site scripting vulnerability exists in ruibaby Halo version 0.0.2. A remote attacker can inject arbitrary web script or HTML by sending the commentAuthor field to the FrontCommentController.java file...