37 matches found
CVE-2024-29469
A stored cross-site scripting XSS vulnerability in OneBlog v2.3.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category List parameter under the Lab module...
Security Bulletin: Vulnerabilities in OpenSSL affect Cloud Pak System
Summary Vulnerabilities identified in OpenSSL affect Cloud Pak System. Vulnerability Details CVEID:CVE-2023-2650 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw when using OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS...
CVE-2024-29472
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Privilege Management module...
CVE-2024-29469
A stored cross-site scripting XSS vulnerability in OneBlog v2.3.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category List parameter under the Lab module...
CVE-2024-29470
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the component rootpath/links...
CVE-2024-29474
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the User Management module...
CVE-2024-29473
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Role Management module...
CVE-2024-29471
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Notice Manage module...
CVE-2024-29472
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Privilege Management module...
CVE-2024-29472
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Privilege Management module...
CVE-2024-29474
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the User Management module...
CVE-2024-29471
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Notice Manage module...
CVE-2024-29473
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Role Management module...
CVE-2024-29473
OneBlog v2.3.4 contains a stored cross-site scripting (XSS) vulnerability in the Role Management module. The issue stems from insufficient input filtering/escaping of user-supplied data, enabling attacker-supplied scripts to be stored and executed in the victim’s browser. CVSS data indicates low ...
CVE-2024-29470
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the component rootpath/links...
CVE-2024-29471
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Notice Manage module...
CVE-2024-29472
OneBlog v2.3.4 contains a stored cross-site scripting (XSS) vulnerability in the Privilege Management module. The CVE-2024-29472 entry indicates a network-exposed, low-privilege XSS with user interaction required, resulting in partial confidentiality/integrity impact and no availability impact. T...
CVE-2024-29473
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Role Management module...
CVE-2024-29474
OneBlog v2.3.4 contains a stored cross-site scripting (XSS) vulnerability in the User Management module. The root cause is a lack of proper filtering/escaping of user-supplied data, enabling arbitrary web script or HTML execution. Affected version: OneBlog 2.3.4. Documents do not provide exploita...
CVE-2024-29470
OneBlog v2.3.4 is affected by a stored XSS vulnerability in the component path {{rootpath}}/links, caused by insufficient filtering/escaping of user input. Impact described across sources: an attacker could inject and execute arbitrary web script/HTML in a victim’s browser. No explicit patch/vers...