Blog Mini Project Blog Mini — known CVE vulnerabilities
Every CVE whose affected-product data names Blog Mini Project Blog Mini, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2019-9765 — CVSS 6.1 (medium): In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to…
CVE-2020-18998 — CVSS 6.1 (medium): Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/…
CVE-2020-18999 — CVSS 6.1 (medium): Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/submit-articles'.