Uufr

**Name of the Vulnerable Software and Affected Versions** Mogu blog version 5.2 **Description** The issue is related to Cross Site Scripting (XSS), which is a type of attack where an attacker injects malicious scripts into a website. **Recommendations** For version 5.2, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Taocms version 3.0.2 **Description** The issue is related to a blind SQL injection vulnerability. This vulnerability is exploited via the `Edit category` function. **Recommendations** For Taocms version 3.0.2, consider restricting access to the `Edit category` function until a patch is available. As a temporary workaround, avoid using the `Edit category` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.