CVE-2023-22856

A stored Cross-site Scripting (XSS) vulnerability in BlogEngine.NET 3.3.8.0, allows injection of arbitrary JavaScript in the security context of a blog visitor through an upload of a specially crafted file. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt