CVE-2024-31395
CVE-2024-31395 is an XSS vulnerability in a-blog cms where an attacker with editor-or-higher privileges who can log in may trigger arbitrary JavaScript in the browser of other users on the schedule-management page. Affected versions are: 3.1.x before 3.1.12; 3.0.x before 3.0.32; 2.11.x before 2.1...