CVE-2024-31395

Name of the Vulnerable Software and Affected Versions a-blog cms versions prior to 3.1.12 a-blog cms versions prior to 3.0.32 a-blog cms versions prior to 2.11.61 a-blog cms versions prior to 2.10.53 a-blog cms version 2.9 and earlier

Description A cross-site scripting issue exists, allowing a user with editor or higher privilege who can log in to the product to execute an arbitrary script on the web browser of the user who accessed the schedule management page.

Recommendations For versions prior to 3.1.12, update to version 3.1.12 or later. For versions prior to 3.0.32, update to version 3.0.32 or later. For versions prior to 2.11.61, update to version 2.11.61 or later. For versions prior to 2.10.53, update to version 2.10.53 or later. For version 2.9 and earlier, update to a later version.