Zhyd: Security Vulnerabilities
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the User Management module.
CVSS Score
5.4
EPSS Score
0.007
Published
2024-03-20
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the parameter entryUrls.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-06-23
Insecure permissions in OneBlog v2.3.4 allows low-level administrators to reset the passwords of high-level administrators who hold greater privileges.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-06-23
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Logo parameter under the Link module.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-06-23
Page 2