Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to execute an arbitrary script on the logged-in user's web browser.
References
Link | Resource |
---|---|
https://developer.a-blogcms.jp/blog/news/JVN-34565930.html | Vendor Advisory |
https://jvn.jp/en/jp/JVN34565930/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2024-01-23T09:39:05.114Z
Updated: 2024-01-23T09:39:05.114Z
Reserved: 2024-01-12T05:24:51.969Z
Link: CVE-2024-23183
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-01-23T10:15:10.590
Modified: 2024-01-29T22:55:48.787
Link: CVE-2024-23183
JSON object: View
Redhat Information
No data.
CWE