Oneblog Project - Oneblog CVE

Filtered by vendor Oneblog Project Subscribe

Filtered by product Oneblog

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-46085	1 Oneblog Project	1 Oneblog	2024-11-21	4.0 MEDIUM	6.5 MEDIUM
OneBlog <= 2.2.8 is vulnerable to Insecure Permissions. Low level administrators can delete high-level administrators beyond their authority.
CVE-2021-46025	1 Oneblog Project	1 Oneblog	2024-11-21	3.5 LOW	5.4 MEDIUM
A Cross SIte Scripting (XSS) vulnerability exists in OneBlog <= 2.2.8. via the add function in the operation tab list in the background.

Vulnerabilities (CVE)