CVE-2005-3494
CVE-2005-3494 describes a cross-site scripting (XSS) flaw in Ar-blog versions 5.2 and earlier. The vulnerability allows a remote attacker to inject arbitrary web script or HTML through a blog comment, potentially compromising user sessions or displaying malicious content. The connected documents ...