Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Mblog Project Subscribe
Filtered by product Mblog
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-46028 1 Mblog Project 1 Mblog 2022-01-25 4.3 MEDIUM 4.3 MEDIUM
In mblog <= 3.5.0 there is a CSRF vulnerability in the background article management. The attacker constructs a CSRF load. Once the administrator clicks a malicious link, the article will be deleted.
CVE-2020-19617 1 Mblog Project 1 Mblog 2021-04-02 3.5 LOW 5.4 MEDIUM
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the nickname field to /settings/profile.
CVE-2020-19618 1 Mblog Project 1 Mblog 2021-04-02 3.5 LOW 5.4 MEDIUM
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post content field to /post/editing.
CVE-2020-19616 1 Mblog Project 1 Mblog 2021-04-02 3.5 LOW 5.4 MEDIUM
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post header field to /post/editing.
CVE-2020-19619 1 Mblog Project 1 Mblog 2021-04-02 3.5 LOW 5.4 MEDIUM
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the signature field to /settings/profile.