CVE-2006-1122
CVE-2006-1122 describes a cross-site scripting (XSS) vulnerability in Default.asp of D2KBlog 1.0.3 and earlier. The issue allows remote attackers to inject arbitrary script/HTML via the msg parameter. Affected software is D2KBlog prior to or at version 1.0.3; root cause is improper handling of us...