CVE-2022-34013

MEDIUM

OneBlog v2.3.4 - SSRF

Title source: llm

Description

OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Logo parameter under the Link module.

Exploits (1)

gitee 5,303 stars
by yadong.zhang · javawriteup
https://gitee.com/yadong.zhang/DBlog/issues/I5CB2A

References (1)

Scores

CVSS v3 4.3
EPSS 0.0013
EPSS Percentile 32.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-918
Status published
Products (1)
zhyd/oneblog 2.3.4
Published Jun 23, 2022
Tracked Since Feb 18, 2026