CVE-2025-8740 Information
Aug 09, 2025
cve
Description
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0. It has been classified as problematic. Affected is an unknown function of the file /admin/categories/save of the component Category Handler. The manipulation of the argument categoryName leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
Reference
https://github.com/ZHENFENG13/My-Blog/issues/146 https://github.com/ZHENFENG13/My-Blog/issues/146#issue-3265304545 https://vuldb.com/?ctiid.319236 https://vuldb.com/?id.319236 https://vuldb.com/?submit.623480
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction Required
HIGH
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
LOW
Base Score
NONE
Base Severity
2.4
Related CNNVD
CNNVD-202508-791 (Published: 2025-08-08)
Share on: