6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
52.3%
bBlog is weblog software. bBlog contains a cross-site request forgery vulnerability (CWE-352).
If a user views a malicious page while logged in, unintended operations may be performed.
Do not use bBlog
bBlog is no longer being developed or maintained. It is recommended to stop using bBlog.
The developer states that “DO NOT use this software in production. It is years out of date. It is here simply for historical purposes. There are known security issues.”