Blog Mini Project - Blog Mini CVE - OpenCVE

Filtered by vendor Blog Mini Project Subscriptions

Filtered by product Blog Mini Subscriptions

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2019-9765	1 Blog Mini Project	1 Blog Mini	2024-08-04	N/A
In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to app/templates/_article_comments.html.
CVE-2020-18998	1 Blog Mini Project	1 Blog Mini	2024-08-04	6.1 Medium
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/add'.
CVE-2020-18999	1 Blog Mini Project	1 Blog Mini	2024-08-04	6.1 Medium
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/submit-articles'.

Page 1 of 1.