CVE-2024-25837
Published
CVSS v3
5.4
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
A stored cross-site scripting (XSS) vulnerability in October CMS Bloghub Plugin v1.3.8 and lower allows attackers to execute arbitrary web scripts or HTML via a crafted payload into the Comments section.
BlogHub - Enhances RainLab.Blog for OctoberCMS with moderatable comments, tags, meta fields, stats, and more powerful features.
GitHub