Vulnerabilities > Mblog Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-01-20 CVE-2021-46028 Cross-Site Request Forgery (CSRF) vulnerability in Mblog Project Mblog
In mblog <= 3.5.0 there is a CSRF vulnerability in the background article management.
network
low complexity
mblog-project CWE-352
4.3
4.3
2021-04-01 CVE-2020-19619 Cross-site Scripting vulnerability in Mblog Project Mblog 3.5.0
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the signature field to /settings/profile.
network
low complexity
mblog-project CWE-79
5.4
5.4
2021-04-01 CVE-2020-19618 Cross-site Scripting vulnerability in Mblog Project Mblog 3.5.0
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post content field to /post/editing.
network
low complexity
mblog-project CWE-79
5.4
5.4
2021-04-01 CVE-2020-19617 Cross-site Scripting vulnerability in Mblog Project Mblog 3.5.0
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the nickname field to /settings/profile.
network
low complexity
mblog-project CWE-79
5.4
5.4
2021-04-01 CVE-2020-19616 Cross-site Scripting vulnerability in Mblog Project Mblog 3.5.0
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post header field to /post/editing.
network
low complexity
mblog-project CWE-79
5.4
5.4