CVE-2024-25559

Published: Feb 15, 2024

Modified: Nov 1, 2024

PUBLISHED

Description

URL spoofing vulnerability exists in a-blog cms Ver.3.1.0 to Ver.3.1.8. If an attacker sends a specially crafted request, the administrator of the product may be forced to access an arbitrary website when clicking a link in the audit log.

Vendor	Product	Versions
appleple inc.	a-blog cms	affected `Ver.3.1.0 to Ver.3.1.8`

References

https://developer.a-blogcms.jp/blog/news/JVN-48966481.html

https://jvn.jp/en/jp/JVN48966481/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-25559

Description

Affected Products

References