Cross site scripting

2006-01-1801:07:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Simple Blog 2.1 allow remote attackers to inject arbitrary web script or HTML via (1) a comment to comments.asp and (2) possibly certain other fields in unspecified scripts.

CPENameOperatorVersion
simple_blogeq2.1

CPE	Name	Operator	Version
	simple_blog	eq	2.1

References

secunia.com/advisories/18488

www.hackerscenter.com/archive/view.asp?id=21926

www.osvdb.org/22448

www.securityfocus.com/archive/1/422102/100/0/threaded

www.securityfocus.com/bid/16243

www.vupen.com/english/advisories/2006/0194

exchange.xforce.ibmcloud.com/vulnerabilities/24154