A Cross SIte Scripting (XSS) vulnerability exists in OneBlog <= 2.2.8. via the add function in the operation tab list in the background.
5.4CVSS
5.2AI Score
0.001EPSS
OneBlog <= 2.2.8 is vulnerable to Insecure Permissions. Low level administrators can delete high-level administrators beyond their authority.
6.5CVSS
6.4AI Score
0.001EPSS