Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Javaweb_blog
(Javaweb_blog_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-01-23 | CVE-2022-40034 | Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows attackers to execute arbitrary code via the 'notifyInfo' parameter. | Javaweb_blog | 5.4 | ||
| 2023-01-26 | CVE-2022-40037 | An issue discovered in Rawchen blog-ssm v1.0 allows remote attacker to escalate privileges and execute arbitrary commands via the component /upFile. | Javaweb_blog | 9.8 |