Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Insanely Simple Blog 0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the search action, possibly related to the term parameter to index.php; or 2 an anonymous blog entry, possibly involving the a postedby, b...