Javaweb Blog Project: Security Vulnerabilities
An issue discovered in Rawchen blog-ssm v1.0 allows remote attacker to escalate privileges and execute arbitrary commands via the component /upFile.
CVSS Score
9.8
EPSS Score
0.013
Published
2023-01-26
Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows attackers to execute arbitrary code via the 'notifyInfo' parameter.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-01-23