CVE-2006-0846
CVE-2006-0846 affects Leif M. Wright’s Blog 3.5. Multiple XSS vulnerabilities allow remote attackers to inject arbitrary scripts via the Referer and User-Agent HTTP headers, which are stored in a log file and not sanitized when the administrator views the Log page (ViewCommentsLog). Root cause: l...