Oneblog Security Vulnerabilities and Issues — Oneblog CVE List

Lucene search

ZhydOneblog

4 matches found

CVE•added 2024/03/20 9:15 p.m.•56 views

CVE-2024-29471

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Notice Manage module.

5.4CVSS5.9AI score0.00067EPSS

CVE•added 2025/03/27 4:15 a.m.•55 views

CVE-2025-2835

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been declared as problematic. Affected by this vulnerability is the function autoLink of the file com/zyd/blog/controller/RestApiController.java. The manipulation leads to server-side request forgery. The attack can be launched remo...

5.3CVSS6.9AI score0.0005EPSS

CVE•added 2024/03/20 9:15 p.m.•52 views

CVE-2024-29472

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Privilege Management module.

5.4CVSS6AI score0.00067EPSS

CVE•added 2024/03/20 9:15 p.m.•45 views

CVE-2024-29474

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the User Management module.

5.4CVSS5.9AI score0.00553EPSS