Medium severity4.3NVD Advisory· Published Apr 7, 2023· Updated Jun 17, 2026
CVE-2023-1937
CVE-2023-1937
Description
A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-225264.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: n/a
Patches
Vulnerability mechanics
References
3- gitee.com/zhenfeng13/My-Blog/issues/I6PV4UnvdExploitIssue Tracking
- vuldb.comnvdThird Party Advisory
- vuldb.comnvdPermissions Required
News mentions
0No linked articles in our index yet.