CVE-2021-46028
Published
CVSS v3
4.3
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
In mblog <= 3.5.0 there is a CSRF vulnerability in the background article management. The attacker constructs a CSRF load. Once the administrator clicks a malicious link, the article will be deleted.
开源免费的Java博客系统, 采用spring-boot、spring-data-jpa、shiro、freemarker、bootstrap等框架, 支持Docker
GitHub