Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
flaskBlog XSS Vulnerability in postContent
Vulnerability Description
flaskBlog is a blog app built with Flask. In versions 2.8.1 and prior, improper sanitization of postContent when submitting POST requests to /createpost leads to arbitrary JavaScript execution (XSS) on all pages the post is reflected on including /, /post/[ID], /admin/posts, and /user/[ID] of the user that made the post. At time of publication, there are no public patches available.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
flaskBlog 跨站脚本漏洞
Vulnerability Description
FlaskBlog是Doğukan Ürker个人开发者的一个使用 Flask 构建的简单博客应用程序。 flaskBlog 2.8.1及之前版本存在跨站脚本漏洞,该漏洞源于postContent清理不当,可能导致任意JavaScript执行。
CVSS Information
N/A
Vulnerability Type
N/A