3 matches found
Cross site scripting
A stored Cross-site Scripting XSS vulnerability in BlogEngine.NET 3.3.8.0, allows injection of arbitrary JavaScript in the security context of a blog visitor through an injection of a malicious payload into a blog post...
CVE-2023-22858 Stored cross-site scripting in BlogEngine.NET version 3.3.8.0
An Improper Access Control vulnerability in BlogEngine.NET 3.3.8.0, allows unauthenticated visitors to access the files of unpublished blogs...
PT-2023-18731 · Unknown · Blogengine.Net
Name of the Vulnerable Software and Affected Versions: BlogEngine.NET version 3.3.8.0 Description: A stored Cross-site Scripting XSS issue allows the injection of arbitrary JavaScript in the security context of a blog visitor through the upload of a specially crafted file. Recommendations: For...