Arbitrary Script Injection in bBlog 0.7.4 via Entry Title and Comment Body

Arbitrary Script Injection in bBlog 0.7.4 via Entry Title and Comment Body

CVE-2005-1309 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary web script or HTML via the (1) entry title field or (2) comment body text.

Learn more about our Web App Pen Testing.