CVE-2023-29636

Publication date

2023-05-01 00:00:00

Family

mitre

State

PUBLISHED

Description

Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using MyBlogUtils.cleanString.