ACS Blog 0.8/0.9/1.0/1.1 - 'Name' HTML Injection
| EKU-ID: 30662 | CVE: CVE-2005-0945;OSVDB-15087 | OSVDB-ID: |
| Author: Dan Crowley | Published: 2005-03-28 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 30662 | CVE: CVE-2005-0945;OSVDB-15087 | OSVDB-ID: |
| Author: Dan Crowley | Published: 2005-03-28 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/12921/info
ACS Blog is affected by an HTML injection vulnerability.
The issue affects the 'Name' field and may be exploited to execute arbitrary HTML and script code in the browser of the user when the user views an affected Web page.
Name: <script>alert("xss");</script>