PT-2025-35216 · Mtons · Mtons Mblog

Zast.Ai · Published 2025-08-29 · Updated 2025-11-14 · CVE-2025-9647

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: mtons mblog versions up to 3.5.0

Description: A cross-site scripting weakness exists in mtons mblog. The issue affects unknown processing of the file /admin/role/list. Manipulating the Name argument triggers the issue. An exploit has been made publicly available, and the issue can be exploited remotely.

Recommendations: Versions prior to 3.5.1 are affected. As a temporary workaround, restrict access to the /admin/role/list file to minimize the risk of exploitation. Sanitize the Name argument to prevent the injection of malicious scripts.

Exploit · Fix · XSS · Code Injection

Weakness Enumeration

Related Identifiers: CVE-2025-9647

Affected Products: Mtons Mblog