Headline
CVE-2023-22856: Stored cross-site scripting in BlogEngine.NET version 3.3.8.0
A stored Cross-site Scripting (XSS) vulnerability in BlogEngine.NET 3.3.8.0, allows injection of arbitrary JavaScript in the security context of a blog visitor through an upload of a specially crafted file.
CVE-2023-22856
Discovered by Ahsan Aziz on behalf of The Missing Link Security
Vulnerability Details
A stored Cross-site Scripting (XSS) vulnerability in BlogEngine.NET 3.3.8.0, allows injection of arbitrary JavaScript in the security context of a blog visitor through an upload of a specially crafted file.
Affected Versions
Discovered in: 3.3.8.0
Latest News
WorldPride: How I became my own biggest ally in the workplace and you can too
The biggest cloud computing trends to look out for this year
Four reasons to train your employees in cyber security in 2023
See All News