3 matches found
CVE-2017-17792
Cross site scripting XSS vulnerability in the markupcleanhref function in inc/conv.php in BlogoText through 3.7.6 allows remote attackers to inject arbitrary JavaScript via a comment...
CVE-2017-17792
Cross site scripting XSS vulnerability in the markupcleanhref function in inc/conv.php in BlogoText through 3.7.6 allows remote attackers to inject arbitrary JavaScript via a comment...
CVE-2017-17792
BlogoText (CMS) contains a Cross-site scripting (XSS) flaw in the markup_clean_href function, inc/conv.php, up to version 3.7.6. The root cause is improper handling in markup_clean_href that allows remote attackers to inject arbitrary JavaScript via a comment, as described in multiple sources (NV...