CVE-2025-32999

Cross-site scripting vulnerability exists in a-blog cms versions prior to Ver. 3.1.43 and prior to Ver. 3.0.47. This issue exists in a specific field in the entry editing screen, and exploitation requires contributor or higher level privileges. If this vulnerability is exploited, an arbitrary...

CVE-2025-32999

Cross-site scripting vulnerability exists in a-blog cms versions prior to Ver. 3.1.43 and prior to Ver. 3.0.47. This issue exists in a specific field in the entry editing screen, and exploitation requires contributor or higher level privileges. If this vulnerability is exploited, an arbitrary...

PT-2025-21218 · Unknown · A-Blog Cms

Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 3.1.43 a-blog cms versions prior to 3.0.47 Description: A cross-site scripting issue exists in a specific field in the entry editing screen of a-blog cms, requiring contributor or higher level privileges to exploi...

usememos/memos Improper Authorization vulnerability

In usememos/memos 0.9.0 and prior, an unauthorized user can access any private memo by URL hacking a memo on the editing screen...

OTRS 跨站脚本漏洞

OTRS is a service management software application from OTRS Germany. OTRS AG OTRS has a security vulnerability that originates from a request that can be generated for the appointment editing screen. An attacker could exploit the vulnerability to cause an XSS attack...