CVE-2024-29469
CVE-2024-29469 involves a stored cross-site scripting (XSS) vulnerability in OneBlog v2.3.4. The issue stems from the Lab module’s Category List parameter, where user-supplied data is not properly filtered/escaped, allowing attackers to inject and execute arbitrary web scripts or HTML in the cont...