2 matches found
CVE-2006-2880
Cross-site scripting XSS vulnerability in the Contributed Packages for PyBlosxom 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the Comments plugin in the 1 url and 2 author fields...
CVE-2006-2880
CVE-2006-2880 describes a Cross-site scripting (XSS) vulnerability in the PyBlosxom Contributed Packages, affecting version 1.2.2 and earlier. The flaw resides in the Comments plugin, where user-supplied input in the url and author fields can be interpreted as HTML/script by the web application, ...