Oneblog

oneblog

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-46085 1Oneblog Project 1Oneblog Nov 21, 2024 Jan 25, 2022 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 OneBlog <= 2.2.8 is vulnerable to Insecure Permissions. Low level administrators can delete high-level administrators beyond their authority.
CVE-2021-46025 1Oneblog Project 1Oneblog Nov 21, 2024 Jan 19, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 A Cross SIte Scripting (XSS) vulnerability exists in OneBlog <= 2.2.8. via the add function in the operation tab list in the background.