Cross Site Scripting (XSS) vulnerability in PerfreeBlog 3.1.2 allows attackers to execute arbitrary code via the Post function.
References
Link | Resource |
---|---|
https://github.com/perfree/PerfreeBlog/issues/14 | Exploit Issue Tracking Vendor Advisory |
Configurations
History
26 May 2023, 19:42
Type | Values Removed | Values Added |
---|---|---|
First Time |
Perfree perfreeblog
Perfree |
|
CPE | cpe:2.3:a:perfree:perfreeblog:3.1.2:*:*:*:*:*:*:* |
06 May 2023, 03:08
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/perfree/PerfreeBlog/issues/14 - Exploit, Issue Tracking, Vendor Advisory | |
CPE | cpe:2.3:a:perfreeblog_project:perfreeblog:3.1.2:*:*:*:*:*:*:* | |
CWE | CWE-79 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
First Time |
Perfreeblog Project perfreeblog
Perfreeblog Project |
01 May 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-05-01 16:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-29643
Mitre link : CVE-2023-29643
CVE.ORG link : CVE-2023-29643
JSON object : View
Products Affected
perfree
- perfreeblog
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')