CVE-2007-3973
CVE-2007-3973 affects JBlog 1.0 and involves multiple cross-site scripting (XSS) vulnerabilities. Remote attackers can inject arbitrary web script or HTML through (1) the id parameter to index.php, or (2) the search parameter, or (3) the theme cookie to recherche.php. The root cause is input hand...