CVE-2023-22856 Information

Description

A stored Cross-site Scripting (XSS) vulnerability in BlogEngine.NET 3.3.8.0 allows injection of arbitrary JavaScript in the security context of a blog visitor through an upload of a specially crafted file.

Reference

https://www.themissinglink.com.au/security-advisories/cve-2023-22856