Back to search
CVE-2006-4090
Published: Aug 11, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in Webligo BlogHoster 2.2 allows remote attackers to inject arbitrary web script or HTML via the "From: part of the comment post," probably involving the nickname parameter to previewcomment.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
19457
vdb-entry
x_refsource_BID
1359
third-party-advisory
x_refsource_SREASON
27886
vdb-entry
x_refsource_OSVDB
bloghoster-previewcomment-xss(28304)
vdb-entry
x_refsource_XF
20060808 BlogHoster v2.2 Post Comment Html Injection
mailing-list
x_refsource_BUGTRAQ
ADV-2006-3236
vdb-entry
x_refsource_VUPEN
21420
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now