Cross site scripting

2024-01-2310:15:00

PRIOn knowledge base

www.prio-n.com

cross-site scripting

a-blog cms

remote attack

6.7 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.0%

JSON

Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to execute an arbitrary script on the logged-in user’s web browser.

CPENameOperatorVersion
a-blog_cmsle2.9.0
a-blog_cmsge2.10.0
a-blog_cmslt2.10.50
a-blog_cmsge2.11.0
a-blog_cmslt2.11.58
a-blog_cmsge3.1.0
a-blog_cmslt3.1.7
a-blog_cmsge3.0.0
a-blog_cmslt3.0.29

Name	Operator	Version
a-blog_cms	le	2.9.0
a-blog_cms	ge	2.10.0
a-blog_cms	lt	2.10.50
a-blog_cms	ge	2.11.0
a-blog_cms	lt	2.11.58
a-blog_cms	ge	3.1.0
a-blog_cms	lt	3.1.7
a-blog_cms	ge	3.0.0
a-blog_cms	lt	3.0.29