hjue/JustWriting

Releases5

Frequency1 month 1 week

Last Release over 11 years ago

Stars525

markdown blog system

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-41467 ↗	Oct 1, 2021Friday, 1 October 2021, 16:15	6.1 MEDIUM	4.3 MEDIUM
Cross-site scripting (XSS) vulnerability in application/controllers/dropbox.php in JustWriting 1.0.0 and below allow remote attackers to inject arbitrary web script or HTML via the challenge parameter.