CVE-2024-25837

A stored cross-site scripting XSS vulnerability in October CMS Bloghub Plugin v1.3.8 and lower allows attackers to execute arbitrary web scripts or HTML via a crafted payload into the Comments section...

CVE-2024-25837

A stored cross-site scripting XSS vulnerability in October CMS Bloghub Plugin v1.3.8 and lower allows attackers to execute arbitrary web scripts or HTML via a crafted payload into the Comments section...

CVE-2024-25837

A stored cross-site scripting XSS vulnerability in October CMS Bloghub Plugin v1.3.8 and lower allows attackers to execute arbitrary web scripts or HTML via a crafted payload into the Comments section...

CVE-2024-25837

A stored cross-site scripting XSS vulnerability in October CMS Bloghub Plugin v1.3.8 and lower allows attackers to execute arbitrary web scripts or HTML via a crafted payload into the Comments section...

PT-2024-21149 · Octobercms · October Cms Bloghub Plugin

Name of the Vulnerable Software and Affected Versions: October CMS Bloghub Plugin versions 1.3.8 and lower Description: A stored cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload into the Comments section. This can lead to the execution...

CVE-2024-25837

A stored cross-site scripting XSS vulnerability in October CMS Bloghub Plugin v1.3.8 and lower allows attackers to execute arbitrary web scripts or HTML via a crafted payload into the Comments section...

CVE-2024-25837

CVE-2024-25837 — Summary (concrete details from connected docs): The vulnerability is a stored XSS in the October CMS Bloghub Plugin, affecting versions 1.3.8 and earlier. The XSS occurs via a crafted payload in the Comments section, enabling execution of arbitrary web scripts or HTML in the vict...