Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
BlogEngine v3.3.8.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /blogengine/api/posts. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description field.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BlogEngine 跨站脚本漏洞
Vulnerability Description
BlogEngine是一套开源的ASP.NET博客系统。该系统支持Ajax评论、自定义主题等。 BlogEngine v3.3.8.0版本存在跨站脚本漏洞,该漏洞源于通过组件 /blogengine/api/posts 发现包含跨站点脚本 (XSS) 漏洞。攻击者利用该漏洞通过注入 Description 字段的特制有效载荷执行任意 Web 脚本或 HTML。
CVSS Information
N/A
Vulnerability Type
N/A