VYPR

ForestBlog

by GitHub

CVEs (2)

  • CVE-2022-29020MedApr 16, 2022
    risk 0.40cvss 6.1epss 0.01

    ForestBlog through 2022-02-16 allows admin/profile/save userAvatar XSS during addition of a user avatar.

  • CVE-2021-46034MedJan 25, 2022
    risk 0.40cvss 6.1epss 0.01

    A problem was found in ForestBlog, as of 2021-12-29, there is a XSS vulnerability that can be injected through the nickname input box.