3 matches found
CVE-2011-1953
CVE-2011-1953 affects Post Revolution prior to 0.8.0c-2. The vuln is a set of XSS flaws in common.php (allowed tags: p, a, strong, em, i, img, li, ol, video, blockquote) that do not sanitize attributes, enabling arbitrary script via tag attributes. A DoS path exists in a loop when removing non-pe...
Post Revolution 0.8.0c Multiple Remote Vulnerabilities
info ——————————— Name : Post Revolution 0.8.0c Multiple Remote Vulnerabilities Class: Design Error && Input Validation Error CVE: CVE-2011-1952, CVE-2011-1953, CVE-2011-1954 Remote: Yes Local: No Credit : Javier Bassi javierbassi at gmail dot com Vulnerable : All versions prior to and including...
Post Revolution 0.8.0c XSS / XSRF / Denial Of Service
info Name : Post Revolution 0.8.0c Multiple Remote Vulnerabilities Class: Design Error && Input Validation Error CVE: CVE-2011-1952, CVE-2011-1953, CVE-2011-1954 Remote: Yes Local: No Credit : Javier Bassi Vulnerable : All versions prior to and including 0.8.0c are affected. Vendor...