Cross site scripting

2006-01-2101:03:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.2%

JSON

Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via a website field in a new comment to view.php, which is not properly handled in the comment function in functions.php.

CPENameOperatorVersion
saralblogeq1.0

CPE	Name	Operator	Version
	saralblog	eq	1.0

References

archives.neohapsis.com/archives/bugtraq/2006-01/0372.html

evuln.com/vulns/40/summary.html

securitytracker.com/id?1015517

www.osvdb.org/27907

www.securityfocus.com/bid/16306

exchange.xforce.ibmcloud.com/vulnerabilities/24219