CVE-2005-4785

2006-04-1423:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.8%

JSON

Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) author (“your name”) and (2) “comment” section.

References

archives.neohapsis.com/archives/fulldisclosure/2005-07/0090.html

exploitlabs.com/files/advisories/EXPL-A-2005-011-quickblogger.txt

secunia.com/advisories/15942

securitytracker.com/id?1014386

www.securityfocus.com/bid/14152

www.vupen.com/english/advisories/2005/0987

exchange.xforce.ibmcloud.com/vulnerabilities/21244