4 matches found
CVE-2025-28102
creationtimestamp| type| source ---|---|--- 2025-04-21 18:02:41+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12720 2025-04-21 19:49:34+00:00| seen| https://t.me/cvedetector/23449 2025-04-21 20:59:12+00:00| seen|...
CVE-2025-28102
FlaskBlog v2.6.1 is affected by a cross-site scripting (XSS) vulnerability exposed via the postContent parameter at /createpost. The issue stems from allowing arbitrary script/HTML injection, enabling attackers to run client-side code. Available connected reports confirm the affected software ver...
CVE-2025-28102
A cross-site scripting XSS vulnerability in flaskBlog v2.6.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the postContent parameter at /createpost...
CVE-2025-28102
A cross-site scripting XSS vulnerability in flaskBlog v2.6.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the postContent parameter at /createpost...