a-blog cms multiple versions neutralize logs improperly. If this vulnerability is exploited with CVE-2025-36560, a remote unauthenticated attacker may hijack a legitimate user's session.
Add your gear to cvedb and we'll alert you only when appleple ships something exploited.
Check my exposure →This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.