Filtered by vendor Blog Mini Project Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-18999 1 Blog Mini Project 1 Blog Mini 2024-11-21 6.1 Medium
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/submit-articles'.
CVE-2020-18998 1 Blog Mini Project 1 Blog Mini 2024-11-21 6.1 Medium
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/add'.
CVE-2019-9765 1 Blog Mini Project 1 Blog Mini 2024-11-21 N/A
In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to app/templates/_article_comments.html.