Blogifier v3.0 was discovered to contain an arbitrary file upload vulnerability at /api/storage/upload/PostImage. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted file.
References
Link | Resource |
---|---|
https://github.com/blogifierdotnet/Blogifier/issues/316 | Exploit Issue Tracking Patch Third Party Advisory |
Configurations
Information
Published : 2022-07-20 11:15
Updated : 2022-07-27 10:19
NVD link : CVE-2022-35569
Mitre link : CVE-2022-35569
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
blogifier
- blogifier