Blog Mini Project: >> Blog Mini >> 1.0 Security Vulnerabilities
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/add'.
CVSS Score
6.1
EPSS Score
0.005
Published
2021-08-27
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/submit-articles'.
CVSS Score
6.1
EPSS Score
0.005
Published
2021-08-27
In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to app/templates/_article_comments.html.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-03-14