typecho is a PHP blogging platform for typecho personal developers that is simple and powerful. typecho 1.2.1 version of a cross-site scripting vulnerability, the vulnerability stems from the file /admin/options-theme.php on the lack of effective user-supplied data filtering and escaping, an attacker can be exploited to inject a well-designed payload to execute arbitrary Web script or HTML.