Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the subject parameter to post_url/edit.
CPE | Name | Operator | Version |
---|---|---|---|
interra_blog_machine | eq | 1.84 |