141 matches found
CVE-2022-34012
Insecure permissions in OneBlog v2.3.4 allow low-level administrators to reset the passwords of high-level administrators who hold greater privileges...
OneBlog Code Issue Vulnerability
OneBlog is a Java blog. Version v2.3.4 of OneBlog contains a server-side request forgery vulnerability in which the source parameter entryUrls fails to properly validate user input and can be exploited to probe the server's intranet resources...
OneBlog Security Vulnerability
OneBlog is a beautiful, powerful Java blog. An authorization issue vulnerability exists in OneBlog v2.3.4, which stems from the presence of insecure privileges in the program, and can be exploited by an attacker to allow a low-level administrator to reset the password of a high-level administrato...
OneBlog Code Issue Vulnerability
OneBlog is a beautiful and powerful Java blog. OneBlog v2.3.4 contains a server-side request forgery vulnerability that stems from the Logo parameter under the Link module failing to correctly validate user input; an attacker can use the vulnerability to probe the server...
OneBlog Permissions and Access Control Issues Vulnerability
OneBlog is a beautiful, powerful Java blog. OneBlog version 2.2.8 and earlier suffers from a Permissions and Access Control Issues vulnerability that arises from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker coul...
CVE-2021-46085
OneBlog <= 2.2.8 is vulnerable to Insecure Permissions. Low-level administrators can delete high-level administrators beyond their authority...
CVE-2021-46085
OneBlog <= 2.2.8 is vulnerable to Insecure Permissions. Low-level administrators can delete high-level administrators beyond their authority...
Design/Logic Flaw
OneBlog <= 2.2.8 is vulnerable to Insecure Permissions. Low-level administrators can delete high-level administrators beyond their authority...
CVE-2021-46085
OneBlog <= 2.2.8 is vulnerable to Insecure Permissions. Low-level administrators can delete high-level administrators beyond their authority...
CVE-2021-46085
CVE-2021-46085 relates to OneBlog versions 2.2.8 and earlier, described across multiple sources as a Permissions/Access Control issue. The vulnerability allows a low-level administrator to delete or remove a high-level administrator beyond their authority due to insecure permissions. Sources cons...
OneBlog Permissions and Access Control Issues Vulnerability
OneBlog is a beautiful, powerful Java blog. OneBlog version 2.2.8 and earlier suffers from a Permissions and Access Control Issues vulnerability that arises from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker coul...
OneBlog Cross-Site Scripting Vulnerability
OneBlog is a simple, beautiful, powerful and adaptive Java blog. It is developed with Spring Boot, and the front end uses Bootstrap. It supports mobile adaptation and has complete front-end and back-end management functions. An XSS vulnerability exists in OneBlog before version 2.2.8, the...
CVE-2021-46025
A Cross-Site Scripting (XSS) vulnerability exists in OneBlog <= 2.2.8 via the add function in the operation tab list in the background...
CVE-2021-46025
A Cross-Site Scripting (XSS) vulnerability exists in OneBlog <= 2.2.8 via the add function in the operation tab list in the background...
Cross-site scripting
A Cross-Site Scripting (XSS) vulnerability exists in OneBlog <= 2.2.8 via the add function in the operation tab list in the background...
CVE-2021-46025
The CVE-2021-46025 entry describes a Cross-Site Scripting (XSS) vulnerability in OneBlog
CVE-2021-46025
A Cross-Site Scripting (XSS) vulnerability exists in OneBlog <= 2.2.8 via the add function in the operation tab list in the background...
OneBlog Cross-Site Scripting Vulnerability
OneBlog is a simple, beautiful, powerful and adaptive Java blog. It is developed with Spring Boot, and the front end uses Bootstrap. It supports mobile adaptation and has complete front-end and back-end management functions. An XSS vulnerability exists in OneBlog before version 2.2.8, the...
XSS Vulnerability in OneBlog (CNVD-2021-14414)
OneBlog is a Java blog developed using Spring Boot, with Bootstrap on the front end. OneBlog has an XSS vulnerability that can be exploited by an attacker to obtain sensitive information such as user cookies...
XSS Vulnerability in OneBlog
OneBlog is a Java blog developed using Spring Boot, with Bootstrap on the front end. OneBlog has an XSS vulnerability that can be exploited by an attacker to obtain sensitive information such as user cookies...