Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote unauthenticated attacker to execute an arbitrary script on the logged-in user's web browser.
References
Link | Resource |
---|---|
https://developer.a-blogcms.jp/blog/news/JVN-34565930.html | Vendor Advisory |
https://jvn.jp/en/jp/JVN34565930/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2024-01-23T09:38:08.211Z
Updated: 2024-01-23T09:38:08.211Z
Reserved: 2024-01-12T05:24:51.969Z
Link: CVE-2024-23181
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-01-23T10:15:10.493
Modified: 2024-01-29T22:55:15.377
Link: CVE-2024-23181
JSON object: View
Redhat Information
No data.
CWE