Oneblog@* Security Vulnerabilities and Issues — Oneblog@* CVE List

Lucene search

ZhydOneblog*

3 matches found

CVE•added 2025/02/10 6:15 p.m.•57 views

CVE-2024-54954

OneBlog v2.3.6 was discovered to contain a template injection vulnerability via the template management department.

8CVSS7.3AI score0.00125EPSS

CVE•added 2025/03/27 4:15 a.m.•55 views

CVE-2025-2835

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been declared as problematic. Affected by this vulnerability is the function autoLink of the file com/zyd/blog/controller/RestApiController.java. The manipulation leads to server-side request forgery. The attack can be launched remo...

5.3CVSS6.9AI score0.00039EPSS

CVE•added 2025/03/27 4:15 a.m.•52 views

CVE-2025-2833

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been classified as problematic. Affected is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to inefficient regular expression complexity. It is possible to launch the ...

6.9CVSS6.9AI score0.00141EPSS