Vulnerabilities > Miniblog Core Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-09-02 | CVE-2022-37679 | Cross-site Scripting vulnerability in Miniblog.Core Project Miniblog.Core 1.0 Miniblog.Core v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /blog/edit. | 4.8 |
2019-04-16 | CVE-2019-9845 | Improper Input Validation vulnerability in Miniblog.Core Project Miniblog.Core madskristensen Miniblog.Core through 2019-01-16 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in Controllers/BlogController.cs writes a decoded base64 string to a file without validating the extension. | 9.8 |