XSS Vulnerability in ZHENFENG13 My-Blog Allows Arbitrary Script Injection

XSS Vulnerability in ZHENFENG13 My-Blog Allows Arbitrary Script Injection

CVE-2023-29639 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString.

Learn more about our Web App Pen Testing.