CVE

CVE-2023-29636

admin

CVE-2023-29636

Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using MyBlogUtils.cleanString.

Source: CVE-2023-29636

Exit mobile version