xpleaf/Blog_mini

xpleaf/Blog_mini

Releases1

Frequency

Last Release about 10 years ago

Stars981

An Open Source Blog System that developed with Flask.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-18998 ↗	Aug 27, 2021Friday, 27 August 2021, 19:15	6.1 MEDIUM	4.3 MEDIUM
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/add'.
CVE-2020-18999 ↗	Aug 27, 2021Friday, 27 August 2021, 19:15	6.1 MEDIUM	4.3 MEDIUM
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/submit-articles'.
CVE-2019-9765 ↗	Mar 14, 2019Thursday, 14 March 2019, 09:29	—	4.3 MEDIUM
In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to app/templates/_article_comments.html.