CVE-2023-29643

Name of the Vulnerable Software and Affected Versions PerfreeBlog version 3.1.2

Description The issue is a Cross Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via the Post function. This enables attackers to potentially inject malicious scripts into the website, affecting user sessions.

Recommendations For PerfreeBlog version 3.1.2, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to the Post function until a patch is available. Avoid using the Post function in a way that could allow arbitrary code execution until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.