A vulnerability was found in Bludit 3.13.1. It has been declared as problematic. This vulnerability affects the endpoint /admin/new-content of the New Content module. The manipulation of the argument content with the input <script>alert(1)</script> leads to cross site scripting. The attack can be initiated remotely but requires an authentication. The exploit has been disclosed to the public and may be used.
CVSS Score
3.5
EPSS Score
0.002
Published
2022-05-05
A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel.
CVSS Score
5.4
EPSS Score
0.03
Published
2022-01-06
A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel.
CVSS Score
5.4
EPSS Score
0.027
Published
2022-01-06
Cross Site Scripting (XSS) vulnerability exists in bludit 3-13-1 via the username in admin/login.
CVSS Score
6.1
EPSS Score
0.03
Published
2021-10-19
A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file.
CVSS Score
7.8
EPSS Score
0.005
Published
2021-07-23