Iwama Yuu

**Name of the Vulnerable Software and Affected Versions** a-blog cms versions prior to 2.8.75 a-blog cms versions prior to 2.9.40 a-blog cms versions prior to 2.10.44 a-blog cms versions prior to 2.11.42 a-blog cms versions prior to 3.0.1 **Description** The issue allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors, which can lead to cross-site scripting. **Recommendations** For versions prior to 2.8.75, update to version 2.8.75 or later. For versions prior to 2.9.40, update to version 2.9.40 or later. For versions prior to 2.10.44, update to version 2.10.44 or later. For versions prior to 2.11.42, update to version 2.11.42 or later. For versions prior to 3.0.1, update to version 3.0.1 or later.