CVE-2025-9407 | mtons mblog up to 3.5.0 /settings/profile signature cross site scripting (ICPML3)

Inserito da Angelo Barbosa | Ago 25, 2025 | CVE

A vulnerability classified as problematic was found in mtons mblog up to 3.5.0. Affected by this vulnerability is an unknown functionality of the file /settings/profile. Executing manipulation of the argument signature can lead to cross site scripting.

The identification of this vulnerability is CVE-2025-9407. The attack may be launched remotely. Furthermore, there is an exploit available.

Other parameters might be affected as well.

CVE-2025-9407 | mtons mblog up to 3.5.0 /settings/profile signature cross site scripting (ICPML3)

Post correlati

CVE-2025-53478 | CheckUser Extension up to 1.39.12/1.42.6/1.43.1 on Mediawiki Special:Investigate Interface cross site scripting

CVE-2024-20488 | Cisco Unified Communications Manager up to 15 Web-based Management Interface cross site scripting (cisco-sa-cucm-xss-9zmfHyZ)

CVE-2025-6511 | Netgear EX6150 1.0.0.46_1.0.76 sub_410090 stack-based overflow

CVE-2024-1196 | SourceCodester Testimonial Page Manager 1.0 HTTP POST Request add-testimonial.php name/description/testimony cross site scripting