mtons mblog update cross site scripting_CVE-2025-9430

4.8 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was detected in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /admin/options/update. The manipulation of the argument input results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used.

Basic Information

ID CVE-2025-9430

Source VulDB

Published Aug 26, 2025 at 00:02

Affected Product

Vendor mtons

Product mblog

Version 3.0

Affected Versions mtons mblog 3.0
mtons mblog 3.1
mtons mblog 3.2
mtons mblog 3.3
mtons mblog 3.4
mtons mblog 3.5.0

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A vulnerability was detected in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /admin/options/update. The manipulation of the argument input results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used.",
    "published": "2025-08-26T00:02:10.350Z",
    "modified": "2025-08-26T00:02:10.350Z",
    "type": "cve",
    "title": "mtons mblog update cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.321271\nhttps://vuldb.com/?ctiid.321271\nhttps://vuldb.com/?submit.634156\nhttps://gitee.com/mtons/mblog/issues/ICPMMF",
    "id": "CVE-2025-9430",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "mtons mblog 3.0\nmtons mblog 3.1\nmtons mblog 3.2\nmtons mblog 3.3\nmtons mblog 3.4\nmtons mblog 3.5.0",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "mblog",
    "version": "3.0",
    "vendor": "mtons",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}