Vulnerabilities > Miniblog Core Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-16 | CVE-2019-9845 | Improper Input Validation vulnerability in Miniblog.Core Project Miniblog.Core madskristensen Miniblog.Core through 2019-01-16 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in Controllers/BlogController.cs writes a decoded base64 string to a file without validating the extension. | 7.5 |