CVE-2007-0175

Cross-site scripting XSS vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirectto parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirectto parameter...

CVE-2007-0175

Cross-site scripting XSS vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirectto parameter...

CVE-2007-0175

CVE-2007-0175 describes an XSS vulnerability in b2evolution 1.8.6, where the htsrv/login.php script accepts scriptable attributes in the redirect_to parameter to inject arbitrary HTML/JS. Connected records corroborate remote cross-site scripting due to insufficient input sanitising. Debian/DSA-15...

CVE-2006-0733

Cross-site scripting XSS vulnerability in WordPress 2.0.0 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes such as 1 onfocus and 2 onblur in the "author's website" field. NOTE: followup comments to the researcher's web log suggest that this issue is only...

Cross site scripting

DISPUTED Cross-site scripting XSS vulnerability in WordPress 2.0.0 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes such as 1 onfocus and 2 onblur in the "author's website" field. NOTE: followup comments to the researcher's web log suggest that this issue i...

CVE-2006-0733

Cross-site scripting XSS vulnerability in WordPress 2.0.0 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes such as 1 onfocus and 2 onblur in the "author's website" field. NOTE: followup comments to the researcher's web log suggest that this issue is only...

CVE-2006-0733

Cross-site scripting XSS vulnerability in WordPress 2.0.0 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes such as 1 onfocus and 2 onblur in the "author's website" field. NOTE: followup comments to the researcher's web log suggest that this issue is only...

PT-2006-1785 · WordPress +1 · Wordpress +1

Name of the Vulnerable Software and Affected Versions: WordPress version 2.0.0 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via scriptable attributes such as onfocus and onblur in the "author's website" field. It is suggested that th...