Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2024-31395

Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12, Ver.3.0.x series versions prior to Ver.3.0.32, Ver.2.11.x series versions prior to Ver.2.11.61, Ver.2.10.x series versions prior to Ver.2.10.53, and Ver.2.9 and earlier versions. If this vulnerability is exploited, a user with an editor or higher privilege who can log in to the product may execute an arbitrary script on the web browser of the user who accessed the schedule management page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.5%
CVSS Severity
CVSS v3 Score 6.1
Products affected by CVE-2024-31395


Contact Us

Shodan ® - All rights reserved