3 matches found
CVE-2023-29639
Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString...
CVE-2023-29639
CVE-2023-29639 describes a cross-site scripting (XSS) vulnerability in ZHENFENG13 My-Blog. The root cause is that the default configuration does not use MyBlogUtils.cleanString, allowing an attacker to inject arbitrary script/HTML when editing a blog article. Impact is reflected as potential scri...
CVE-2023-29639
Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString...