Vulnerabilities (CVE)

Filtered by vendor Oneblog Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-46085 1 Oneblog Project 1 Oneblog 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
OneBlog <= 2.2.8 is vulnerable to Insecure Permissions. Low level administrators can delete high-level administrators beyond their authority.
CVE-2021-46025 1 Oneblog Project 1 Oneblog 2024-11-21 3.5 LOW 5.4 MEDIUM
A Cross SIte Scripting (XSS) vulnerability exists in OneBlog <= 2.2.8. via the add function in the operation tab list in the background.