JVN#48966481: a-blog cms vulnerable to URL spoofing

a-blog cms provided by appleple Inc. is a content management system CMS. a-blog cms contains an URL spoofing vulnerability CWE-451. Impact If an attacker sends a specially crafted request, the administrator of the product may be forced to access an arbitrary website when clicking a link in the...

JVN#34565930: Multiple vulnerabilities in a-blog cms

a-blog cms provided by appleple inc. contains multiple vulnerabilities listed below. Improper input validation CWE-20 - CVE-2024-23180 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N| Base Score: 3.5 CVSS v2| AV:N/AC:M/Au:S/C:N/I:P/A:N| Base Score: 3.5...

JVN#73166466: a-blog cms vulnerable to cross-site scripting

a-blog cms provided by appleple Inc. is a content management system CMS. a-blog cms contains a cross-site scripting vulnerability in the standard template of the comment functionality. Impact An arbitrary script may be executed on the user's web browser. Solution Apply the Patch Apply the patch...