Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
zhenfeng13 My-Blog save cross-site request forgery
Vulnerability Description
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /admin/tags/save. The manipulation of the argument tagName leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
My-Blog 安全漏洞
Vulnerability Description
My-Blog是ZHENFENG13个人开发者的由 SpringBoot + Mybatis + Thymeleaf 等技术实现的 Java 博客系统,页面美观、功能齐全、部署简单及完善的代码。 My-Blog 1.0.0及之前版本存在安全漏洞,该漏洞源于对参数tagName的错误操作导致跨站请求伪造。
CVSS Information
N/A
Vulnerability Type
N/A