6.2 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
64.5%
Cross-site scripting (XSS) vulnerability in ecrire/tools.php in DotClear 1.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified form fields on the blogroll page.
ar3av.free.fr/faille-dotclear.php
osvdb.org/43958
secunia.com/advisories/25971