2 results (0.003 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using MyBlogUtils.cleanString. • https://github.com/ZHENFENG13/My-Blog/issues/131 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString. • https://github.com/ZHENFENG13/My-Blog/issues/131 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •