2 matches found
CVE-2008-6476
creationtimestamp| type| source ---|---|--- 2009-04-01 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32874...
CVE-2008-6476
The CVE-2008-6476 entry refers to a Cross-site scripting (XSS) vulnerability in BlogEngine.NET . The issue affects the page blog/search.aspx where input from the q parameter can be used to inject arbitrary web script/HTML. Root cause: insufficient input sanitization on the user-controlled query p...