Vulnerabilities
Vulnerable Software
B3log:  >> Symphony  >> 3.3.0  Security Vulnerabilities
An issue in symphony v.3.6.3 and before allows a remote attacker to execute arbitrary code via the log4j component.
CVSS Score
9.8
EPSS Score
0.038
Published
2024-02-05
b3log Symphony (aka Sym) before 3.6.0 has XSS via the HTTP User-Agent header.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-10-10
An issue was discovered in b3log Symphony (aka Sym) before v3.4.7. XSS exists via the userIntro and userNickname fields to processor/SettingsProcessor.java.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-02-25


Contact Us

Shodan ® - All rights reserved