Vulnerabilities > Blog Mini Project

DATE CVE VULNERABILITY TITLE RISK
2021-08-27 CVE-2020-18998 Cross-site Scripting vulnerability in Blog Mini Project Blog Mini 1.0
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/add'.
network
low complexity
blog-mini-project CWE-79
6.1
2021-08-27 CVE-2020-18999 Cross-site Scripting vulnerability in Blog Mini Project Blog Mini 1.0
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/submit-articles'.
network
low complexity
blog-mini-project CWE-79
6.1
2019-03-14 CVE-2019-9765 Cross-site Scripting vulnerability in Blog Mini Project Blog Mini 1.0
In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to app/templates/_article_comments.html.
network
low complexity
blog-mini-project CWE-79
6.1