OneBlog User Management Module Cross-Site Scripting Vulnerability
OneBlog is a Java blog. A cross-site scripting vulnerability exists in OneBlog v2.3.4, which stems from a lack of effective filtering and escaping of user-supplied data in the User Management module, and can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a...