Vulnerability Details CVE-2023-29639
Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.2%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2023-29639
-
cpe:2.3:a:zhenfeng13_my-blog_project:zhenfeng13_my-blog:-