XSS Vulnerability in ZHENFENG13 My-Blog Allows Arbitrary Script Injection
CVE-2023-29639 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString.
Learn more about our Web App Pen Testing.