mtons mblog Post submit cross site scripting_CVE-2025-9429

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in mtons mblog up to 3.5.0. This vulnerability affects unknown code of the file /post/submit of the component Post Handler. The manipulation of the argument content/title/ leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.

Basic Information

ID CVE-2025-9429

Source VulDB

Published Aug 25, 2025 at 23:32

Affected Product

Vendor mtons

Product mblog

Version 3.0

Affected Versions mtons mblog 3.0
mtons mblog 3.1
mtons mblog 3.2
mtons mblog 3.3
mtons mblog 3.4
mtons mblog 3.5.0

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A security vulnerability has been detected in mtons mblog up to 3.5.0. This vulnerability affects unknown code of the file /post/submit of the component Post Handler. The manipulation of the argument content/title/ leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.",
    "published": "2025-08-25T23:32:10.844Z",
    "modified": "2025-08-25T23:32:10.844Z",
    "type": "cve",
    "title": "mtons mblog Post submit cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.321270\nhttps://vuldb.com/?ctiid.321270\nhttps://vuldb.com/?submit.634153\nhttps://vuldb.com/?submit.634155\nhttps://gitee.com/mtons/mblog/issues/ICPMLJ\nhttps://gitee.com/mtons/mblog/issues/ICPMLW",
    "id": "CVE-2025-9429",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "mtons mblog 3.0\nmtons mblog 3.1\nmtons mblog 3.2\nmtons mblog 3.3\nmtons mblog 3.4\nmtons mblog 3.5.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "mblog",
    "version": "3.0",
    "vendor": "mtons",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}