Lucene search
JpcertCVELIST:CVE-2024-23181HistoryJan 23, 2024 - 9:38 a.m.
CVE-2024-23181
2024-01-2309:38:08
jpcert
www.cve.org
2
cve-2024-23181
remote unauthenticated attacker
arbitrary script execution
web browser exploitation
a-blog cms
Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote unauthenticated attacker to execute an arbitrary script on the logged-in user’s web browser.
CNA Affected
[
{
"vendor": "appleple inc.",
"product": "a-blog cms Ver.3.1.x series",
"versions": [
{
"version": "prior to Ver.3.1.7",
"status": "affected"
}
]
},
{
"vendor": "appleple inc.",
"product": "a-blog cms Ver.3.0.x series",
"versions": [
{
"version": "prior to Ver.3.0.29",
"status": "affected"
}
]
},
{
"vendor": "appleple inc.",
"product": "a-blog cms Ver.2.11.x series",
"versions": [
{
"version": "prior to Ver.2.11.58",
"status": "affected"
}
]
},
{
"vendor": "appleple inc.",
"product": "a-blog cms Ver.2.10.x series",
"versions": [
{
"version": "prior to Ver.2.10.50",
"status": "affected"
}
]
},
{
"vendor": "appleple inc.",
"product": "a-blog cms",
"versions": [
{
"version": "Ver.2.9.0 and earlier ",
"status": "affected"
}
]
}
]Related
nvd
nvd
CVE-2024-23181
2024-01-23 10:15:10
cve
cve
CVE-2024-23181
2024-01-23 10:15:10
prion
prion
Cross site scripting
2024-01-23 10:15:00
jvn
jvn
JVN#34565930: Multiple vulnerabilities in a-blog cms
2024-01-22 00:00:00