zhangyd-c/OneBlog

Releases7

Frequency10 months 3 weeks

Last Release almost 2 years ago

Stars1.1K

:alien: OneBlog，一个简洁美观、功能强大并且自适应的Java博客

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-46085 ↗	Jan 25, 2022Tuesday, 25 January 2022, 16:15	6.5 MEDIUM	4 MEDIUM
OneBlog <= 2.2.8 is vulnerable to Insecure Permissions. Low level administrators can delete high-level administrators beyond their authority.
CVE-2021-46025 ↗	Jan 19, 2022Wednesday, 19 January 2022, 23:15	5.4 MEDIUM	3.5 LOW
A Cross SIte Scripting (XSS) vulnerability exists in OneBlog <= 2.2.8. via the add function in the operation tab list in the background.