2 matches found
CVE-2025-2339
Summary of CVE-2025-2339 (otale Tale Blog 2.0.5): A vulnerability involving improper authentication was reported in Tale Blog 2.0.5. The issue affects an unknown part of the file /%61dmin/api/logs. It can be exploited remotely, and public exploitation is noted in the sources. The vulnerability is...
CVE-2025-2340
Summary (CVE-2025-2340): A cross-site scripting flaw affects Tale Blog 2.0.5, specifically the Site Settings component: the function /options/save.saveOptions accepts a manipulated Site Title, enabling remote XSS. The vulnerability’s root cause is input handling in the Site Title argument, leadin...