CVE-2014-2236
Askbot prior to 0.7.49 contains HTML/JS injection (XSS) via the tag and user search forms. Affected component: Askbot web UI input handling. Root cause: improper sanitization in those forms leads to arbitrary script execution in context of the user’s browser. Impact per sources: remote attacker c...