CVE-2020-18964

Cross Site Request Forgery CSRF Vulnerability in ForestBlog latest version via the website Management background, which could let a remote malicious gain privileges...

ForestBlog 安全漏洞

ForestBlog is a blogging system. A cross-site scripting vulnerability exists in ForestBlog 20250321 and earlier versions, which stems from the lack of effective filtering and escaping of user-supplied data by the parameter keywords, and can be exploited by an attacker to execute arbitrary Web...

PT-2025-13809 · Unknown · Sayski Forestblog

Name of the Vulnerable Software and Affected Versions: Sayski ForestBlog versions up to 20250321 Description: A vulnerability has been found in Sayski ForestBlog, affecting an unknown functionality of the file /search. The manipulation of the keywords argument leads to cross-site scripting. The...

CVE-2024-57498

CVE-2024-57498 affects sayski ForestBlog (version 20241223). The vulnerability is a Cross-Site Scripting flaw in the article editing function that can allow a remote attacker to escalate privileges. Affected software/component: ForestBlog 20241223, sayski. Root cause: XSS in article editing. Impa...