Vulnerabilities > Forestblog Project > Forestblog > 2019.04.04

DATE CVE VULNERABILITY TITLE RISK
2023-12-17 CVE-2023-6887 Unspecified vulnerability in Forestblog Project Forestblog 20190404/20220630
A vulnerability classified as critical has been found in saysky ForestBlog up to 20220630.
network
low complexity
forestblog-project
critical
 9.8
9.8
2022-04-16 CVE-2022-29020 Cross-site Scripting vulnerability in Forestblog Project Forestblog 20190404
ForestBlog through 2022-02-16 allows admin/profile/save userAvatar XSS during addition of a user avatar.
network
low complexity
forestblog-project CWE-79
6.1
6.1
2021-05-11 CVE-2020-18964 Cross-Site Request Forgery (CSRF) vulnerability in Forestblog Project Forestblog 20190404
Cross Site Request Forgery (CSRF) Vulnerability in ForestBlog latest version via the website Management background, which could let a remote malicious gain privileges.
network
low complexity
forestblog-project CWE-352
8.8
8.8