2 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the comment feature in Skeletonz CMS 1.0, when the Blog plugin is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 Name, 2 Website, and 3 Email parameters. NOTE: some of these details are obtained from third part...
CVE-2010-4734
CVE-2010-4734 : Concrete details across multiple sources show multiple XSS vulnerabilities in the comment feature of Skeletonz CMS 1.0 when the Blog plugin is enabled. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the Name, Website, and Email parameters. Th...