UApplication Ublog 1.0.x - Cross-Site Scripting
| EKU-ID: 30666 | CVE: CVE-2005-0925;OSVDB-15121 | OSVDB-ID: |
| Author: PersianHacker Team | Published: 2005-03-29 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 30666 | CVE: CVE-2005-0925;OSVDB-15121 | OSVDB-ID: |
| Author: PersianHacker Team | Published: 2005-03-29 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/12931/info Ublog is affected by a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. Ublog 1.0.4 and prior versions are reportedly affected by this issue. http://www.example.com/login.asp?msg=<script>alert(XSS)</script>