Cross-site scripting vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to Ver.2.11.42, and Ver.3.0.x series versions prior to Ver.3.0.1 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. This vulnerability is different from CVE-2022-23916.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jpcert
Published: 2022-02-24T09:50:32
Updated: 2024-08-03T04:07:02.425Z
Reserved: 2022-02-16T00:00:00
Link: CVE-2022-24374
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-02-24T15:15:29.287
Modified: 2024-11-21T06:50:17.380
Link: CVE-2022-24374
Redhat
No data.