CVE-2026-4616

Name of the Vulnerable Software and Affected Versions bolo-blog version 2.6.4

Description A security issue exists in bolo-blog 2.6.4. The affected element is a function within the file /console/article/ of the Article Title Handler component. Manipulating the articleTitle argument can lead to cross site scripting. This attack can be initiated remotely. An exploit for this issue has been publicly released. The project was notified of the problem through an issue report but has not yet responded.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.