b3log Symphony (aka Sym) 2.2.0 has XSS in processor/AdminProcessor.java in the admin console, as demonstrated by a crafted X-Forwarded-For HTTP header that is mishandled during display of a client IP address in /admin/user/userid.
CVSS 5.4 | AI Score 5.2 | EPSS 0.001
b3log Symphony (aka Sym) 2.6.0 allows remote attackers to upload and execute arbitrary JSP files via the name[] parameter to the /upload URI.
CVSS 9.8 | AI Score 9.6 | EPSS 0.011
In Symphony before 3.3.0, there is XSS in the Title under Post. The title's "articleTitle" ID is stored in the "articleTitle" JSON field and executes a payload when the /member/test/points URI is accessed, allowing remote attacks. Any Web script or HTML can be inserted by an admin-authenticated user...
CVSS 4.8 | AI Score 4.8 | EPSS 0.001
CVSS 6.1 | AI Score 6 | EPSS 0.001
An issue was discovered in b3log Symphony (aka Sym) before v3.4.7. XSS exists via the userIntro and userNickname fields to processor/SettingsProcessor.java.
CVSS 6.1 | AI Score 5.9 | EPSS 0.001
An issue in Symphony v3.6.3 and before allows a remote attacker to execute arbitrary code via the log4j component.
CVSS 9.8 | AI Score 9.6 | EPSS 0.004