Geeklog grp_desc parameter cross-site scripting vulnerability
Geeklog is free and open source blogging software. A cross-site scripting vulnerability exists in the Geeklog grpdesc parameter due to an incorrect validation of user-supplied input by the publichtml/admin/group.php script. An attacker could use the vulnerability to steal the victim's cookie-base...