Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using MyBlogUtils.cleanString.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| zhenfeng13_my-blog_project | zhenfeng13_my-blog | - |
| zhenfeng13 | my_blog | - |
Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| zhenfeng13_my-blog_project | zhenfeng13_my-blog | - |
| zhenfeng13 | my_blog | - |