Lucene search
K
Mblog ProjectMblog

6 matches found

CVE
CVE
added 2021/04/01 7:1 p.m.70 views

CVE-2020-19618

CVE-2020-19618 affects mblog 3.5, with an XSS in the post editing flow exposed via the post content field on /post/editing. The connected documents confirm the vulnerable component and entry point, but do not provide concrete patch/version details or remediation steps. Exploitation status is not ...

5.4CVSS5.2AI score0.00637EPSS
CVE
CVE
added 2021/04/01 6:59 p.m.65 views

CVE-2020-19617

CVE-2020-19617 affects mblog 3.5. The issue is a Cross-Site Scripting (XSS) vulnerability exploitable via the nickname field in /settings/profile. The root cause is not explicitly detailed beyond the XSS description in the provided sources. Potential impact is XSS that could inject arbitrary scri...

5.4CVSS5.2AI score0.00603EPSS
CVE
CVE
added 2021/04/01 6:56 p.m.63 views

CVE-2020-19616

CVE-2020-19616 concerns a Cross-Site Scripting (XSS) vulnerability in the open-source Java blog system mblog, reported for version 3.5.0. The flaw is triggered via the post header field when editing a post, specifically through the /post/editing endpoint. The connected sources corroborate the iss...

5.4CVSS5.2AI score0.00603EPSS
CVE
CVE
added 2021/04/01 7:3 p.m.62 views

CVE-2020-19619

CVE-2020-19619 is a Cross‑Site Scripting (XSS) vulnerability affecting mblog 3.5, exploitable via the signature field on the /settings/profile page. The vulnerability is described across multiple sources as allowing injection of arbitrary web scripts/HTML through that field, with the issue locate...

5.4CVSS5.2AI score0.00637EPSS
CVE
CVE
added 2022/01/19 11:7 p.m.60 views

CVE-2021-46028

In mblog

4.3CVSS4.6AI score0.00355EPSS
CVE
CVE
added 2023/05/08 12:0 a.m.52 views

CVE-2021-27280

The CVE-2021-27280 vulnerability affects mblog version 3.5.0 and is described as an OS command injection vulnerability that allows an attacker to execute arbitrary code through a crafted theme selected in the UI. The root cause is tied to what the sources label as a command injection weakness in ...

7.8CVSS7.9AI score0.00973EPSS