CVE-2025-9433

Name of the Vulnerable Software and Affected Versions: mtons mblog versions up to 3.5.0

Description: A vulnerability exists in mtons mblog up to version 3.5.0. The issue is located in an unknown function within the /admin/user/list file of the Admin Panel component. Manipulation of the Name argument results in cross-site scripting. The attack can be initiated remotely. The exploit has been made public.

Recommendations: Versions prior to 3.5.0 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.