Cross site scripting

Cross-site scripting XSS vulnerability in bpost.php in BLOB Blog System before 1.2 allows remote attackers to inject arbitrary web script or HTML via the postid parameter...

CVE-2009-3594

CVE-2009-3594 is a cross-site scripting (XSS) vulnerability in BLOB Blog System, affecting versions before 1.2. The issue arises in bpost.php via the postid parameter, enabling remote attackers to inject arbitrary script/HTML. The NVD/OpenVAS entries corroborate a non-authenticated web parameter ...