OneBlog Cross-Site Scripting Vulnerability

OneBlog is a Java blog. A cross-site scripting vulnerability exists in OneBlog v2.3.4, which stems from the lack of effective filtering and escaping of user-supplied data in the component rootpath/links, and can be exploited by an attacker to execute arbitrary web script or HTML by injecting a...

OneBlog Cross-Site Scripting Vulnerability

OneBlog is a Java blog. OneBlog suffers from a cross-site scripting vulnerability that stems from a lack of effective filtering and escaping of user-supplied data in the Role Management module, which can be exploited by an attacker to steal the victim's cookie-based authentication credentials...

CVE-2024-29473

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Role Management module...

CVE-2024-29472

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Privilege Management module...

CVE-2024-29471

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Notice Manage module...

CVE-2024-29474

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the User Management module...

CVE-2024-29470

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the component rootpath/links...

CVE-2024-29472

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Privilege Management module...

CVE-2024-29469

A stored cross-site scripting XSS vulnerability in OneBlog v2.3.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category List parameter under the Lab module...

CVE-2024-29469

A stored cross-site scripting XSS vulnerability in OneBlog v2.3.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category List parameter under the Lab module...

CVE-2024-29470

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the component rootpath/links...

CVE-2024-29473

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Role Management module...

CVE-2024-29474

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the User Management module...

CVE-2024-29471

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Notice Manage module...

CVE-2024-29474

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the User Management module...

CVE-2024-29471

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Notice Manage module...

CVE-2024-29473

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Role Management module...

OneBlog 安全漏洞

OneBlog is a Java blog. OneBlog suffers from a cross-site scripting vulnerability that stems from a lack of effective filtering and escaping of user-supplied data in the Role Management module, which can be exploited by an attacker to steal the victim's cookie-based authentication credentials...

OneBlog 安全漏洞

OneBlog is a beautiful and powerful Java blog. A security vulnerability exists in OneBlog v2.3.4, which stems from a stored cross-site scripting XSS vulnerability in the Privilege Management module...

CVE-2024-29473

OneBlog v2.3.4 contains a stored cross-site scripting (XSS) vulnerability in the Role Management module. The issue stems from insufficient input filtering/escaping of user-supplied data, enabling attacker-supplied scripts to be stored and executed in the victim’s browser. CVSS data indicates low ...